Bugtraq mailing list archives
Re: Problem with SATAN/VMS
From: newsham () aloha net (Timothy Newsham)
Date: Sat, 8 Apr 1995 15:49:44 -1000 (HST)
SATAN on AIX has a similar problem. AIX emits a permission denied that the simple test (test -s) doesn't catchThe bourne shell script 'rsh.satan' falsely reports a vulnerability on hosts that are running DEC VMS 6.1 This is because the OS sends the following message to standard output: UCX$RSHD - Permission denied - host IP addr To fix, just add a test for the above string to the 'if $TEST -s "$tmp_file"' test in 'rsh.satan'.
The correct way to test for success or failure is obvious from the following (from the rshd man page): DIAGNOSTICS Except for the last one listed below, all diagnostic messages are re- turned on the initial socket, after which any network connections are closed. An error is indicated by a leading byte with a value of 1 (0 is returned in step 9 above upon successful completion of all the steps pri- or to the execution of the login shell). If an rshd does not do this I'd be inclined to call it broken.
Andreas Siegert afx () ibm de / afx () barolo ak munich ibm com / AFX at IPNET
Current thread:
- Linux/SATAN Adam Machanic (Oct 21)
- Re: Linux/SATAN Michael Galante (Apr 06)
- Re: Linux/SATAN Josh Wilmes (Oct 30)
- SATAN ATTACKS EVERYWHERE Christopher Klaus (Jul 23)
- Re: SATAN ATTACKS EVERYWHERE Leo Bicknell (Apr 07)
- Problem with SATAN/VMS David R. Sears (Apr 07)
- Re: Problem with SATAN/VMS Andreas Siegert (Apr 07)
- Re: Problem with SATAN/VMS Timothy Newsham (Apr 08)
- All.Net's security testing service Baltzer, Craig (Apr 07)
- Re[2]: Technical Observations on SATAN: Issue: VMS and TCP/I Nayfield, Rod (Apr 07)
- Re: SATAN ATTACKS EVERYWHERE Wolfgang Ley (Apr 09)
- Re: SATAN ATTACKS EVERYWHERE Christopher Klaus (Jul 25)
- Re: Linux/SATAN Michael Galante (Apr 06)
- Re: Shadowed PW file under Linux Cenon B.C. Marana Jr. (Apr 07)
- Re: Shadowed PW file under Linux John F. Haugh II (Apr 09)
- Re: Shadowed PW file under OSF/1 Cenon B.C. Marana Jr. (Apr 09)
- Re: Shadowed PW file under OSF/1 Software Test Account (Apr 11)
- Sys V. shedges () cactus netinterior com (Apr 11)