Bugtraq mailing list archives
Re: -froot??? (AIX rlogin bug)
From: Derik.Jarne () osi com (Derik Jarne x353-2490)
Date: Mon, 1 Aug 94 10:24:47 PDT
The bug that is described here can easily be stopped by disabling login for IBM machines. However, this makes telnet the only means to get into the desired machine. I was looking at a sh script written by "dougmc () graphite comco com (Doug McLaren)" it in essence grabs the offending parameters and logs the attempts with /usr/bin/logger. Nothing complex here but the process of inserting this script into the loop of login process works but is complicated by the TSM Terminal State Management. I know this is not reporting a bug or describing a bug, but it falls into the rhelm of how to fix a hole. I think TSM will do the security for us but I not sure how this TSM is setup and maintained, Does anyone have working knowledge of these process/processes? Thanks in advance Derik.Jarne () osi com
Current thread:
- Re: -froot??? (AIX rlogin bug) Bill Heiser (Aug 01)
- Re: -froot??? (AIX rlogin bug) irvdwijk () cs vu nl (Aug 01)
- SunOs bug G.J.W. Hagenaars (Aug 02)
- The things you can find with Mosaic Daniel R Ehrlich (Aug 02)
- vixie cron Jonathan M. Bresler (Aug 02)
- Re: vixie cron Ollivier ROBERT (Aug 03)
- <Possible follow-ups>
- Re: -froot??? (AIX rlogin bug) DFRussell (Aug 01)
- Re: -froot??? (AIX rlogin bug) Derik Jarne x353-2490 (Aug 01)