-
August 29th, 2002, 06:16 PM
#1
flaw: gain root remotly
rlogin -froot
this old flaw has recently gained new popularity. It's a high risk, cause root can be taken remotly, therefor, make sure /bin/login isn't vulnerable to the known bug, rlogin -froot
You need to upgrade your /bin/login or if you want to be sure, you can comment out the rlogin line in your /etc/inetd.conf
More info about the rlogin at: http://www.sei.cmu.edu/publications/...7abstract.html
http://www.mkssoftware.com/docs/man1/rlogin.1.asp
Cert advisory from 1997: (1997!!!)
http://www.cert.org/advisories/CA-1997-06.html
-
August 29th, 2002, 08:06 PM
#2
Junior Member
Thanks for the heads up VictorKaum. Some computers on my network weren't configured correctly for this certin exploit.
Posting Permissions
- You may not post new threads
- You may not post replies
- You may not post attachments
- You may not edit your posts
-
Forum Rules
|
|