Bugtraq mailing list archives

Re: Major security-hole in kerberos rsh, rcp and rlogin.


From: e96_agr () E KTH SE (Artur Grabowski)
Date: Tue, 4 Nov 1997 05:09:59 +0100


To remove some of the panic:  to activate the bug, it is required that
there are valid tickets for the target user lying around somewhere on
your system (usually in /tmp/).

The bug is still a very serious one.

e96_agr> //Artur Grabowski (administrator on stacken.kth.se)

Credits where credits are due:  the bug was discovered by
Mattias Amnefelt <mattiasa () stacken kth se>

--
Richard Levitte   \ Spannvägen 38, II \ LeViMS () stacken kth se
Vice Chairman and  \ S-161 43  BROMMA  \ T: +46-8-26 52 47
Redakteur @ Stacken \      SWEDEN       \ or +46-708-20 09 64
Tell the users you lov'em, say it with a flower.
Give them a Triffid!                       -- bastard () bofh se

Unsolicited commercial email is subject to an archival fee of $400.
See <http://www.stacken.kth.se/~levitte/mail/> for more info.


