Bugtraq mailing list archives
Re: Security Info (root broken)
From: casper () fwi uva nl (Casper Dik)
Date: Thu, 29 Sep 1994 16:33:38 +0100
On Thu, 29 Sep 1994 07:04:44 -0600 (CDT), Pug <pug () arlut utexas edu> said:
> As I remember the race condition, you don't have a problem if you don't allow the 'r' commands into your system. The race condition created a .rhosts file for accounts that had UID 0, but no existing .rhosts file. I can't find my copy of the exploit anymore to be certain. As well, you had to start on the system, so it wasn't that much of an external job anyway.
This is one of the problems with exploit scripts: the scripts use .rhosts as one file to create for a user. Now this particular file has a certain interpretation that makes it dangerous. However, there are many more files that when created will cause problems. Besides, I believe that this is not the bug at issue. A newer bug was found by and alluded to on Usenet by Joerg Czeranski. No patch has been made yet by Sun, even though it has been more than two months.
> I see allowing 'r' commands into your installation as a Bad Thing anyway.
If you allow it locally (in a non-secure NFS environment) it is a *good* thing, as long as you restrict it. It gives snoopers much less chance of getting lots of local passwords.
Casper