Bugtraq mailing list archives

Re: AIX rlogind

From: kjj () pondscum phx mcd mot com (Kevin Johnson)
Date: Sun, 22 May 1994 08:02:05 -0700 (MST)

It seems that just about every system that has installed the "shadow"
password suite (the free version from John F. Haugh II. It was posted
on comp.sources.unix from memory.) is vulnerable with this.


Hmmm... I can't seem to reproduce it with Haugh's shadow passwd package.

The arg processing in lmain.c uses getopt.
Is it a bug in some implementations of getopt?  Or are you testing an
older version of the package than I have source code for (it appears to
be 3.3)?

--
#include <std_disclaimer>
"Frank Zappa is dead - the world is a duller shade of gray" - me
.-----------------------------------------------------------------------------.
| Kevin Johnson                                           kjj () phx mcd mot com |
| Information Technologies Network Administrator  Motorola MCG                |
| MCG postmaster, MCG Network Security Administrator                          |

Current thread:

Re: ruserok() & /etc/hosts.equiv Carl Corey (May 03)
- <Possible follow-ups>
- Re: ruserok() & /etc/hosts.equiv Carl Corey (May 03)
  - Re: ruserok() & /etc/hosts.equiv Walker Aumann (May 03)
- Re: ruserok() & /etc/hosts.equiv Uwe Ellermann (May 04)
  - Re: ruserok() & /etc/hosts.equiv Wietse Venema (May 21)
  - AIX rlogind peter () freedom nmsu edu (May 21)
    - Re: AIX rlogind Peter Wemm (May 21)
    - Re: AIX rlogind Kevin Johnson (May 22)
    - Re: AIX rlogind Casper Dik (May 22)
    - Re: AIX rlogind Kevin Johnson (May 22)
    - Re: AIX rlogind Casper Dik (May 22)
    - Re: AIX rlogind Peter Wemm (May 22)
    - Re: AIX rlogind matthew green (May 22)
    - Re: AIX rlogind Paul A Vixie (May 23)
    - Fix for Linux/AIX login hole Karyn Pichnarczyk (May 23)
    - Re: Fix for Linux/AIX login hole Rens Troost (May 23)
    - Re: AIX rlogind Bonfield James (May 24)
    - Fix for Linux/AIX login hole Doug McLaren (May 22)

(Thread continues...)