Bugtraq mailing list archives
Re: login -h
From: adam () bwh harvard edu (Adam Shostack)
Date: Thu, 8 Dec 94 9:54:09 EST
You wrote: | >>>>> "EA" == Ed Arnold <era () ucar edu> writes: | | EA> James Bonfield wrote: | >> A typical spoof would be: | >> | >> rlogin targethost -l -htargethost | >> | >> Then type in the user and password. It'll then appear to last, who and | >> probably finger, on targethost that the user has logged in from that | >> system, not from remotely. | EA> Both 4.1.3_U1 and AIX 3.2.5 appear to be safe ... | | But not on AIX 3.2.4, on this system this Trick does its work. Try the -f abuse on that 3.2.4 system. I seem to remember IBM fixing -h at the same time as -f. I think the syntax was rlogin -l -froot hostname Adam -- "It is seldom that liberty of any kind is lost all at once." -Hume
Current thread:
- login -h Bonfield James (Dec 07)
- Re: login -h Alexander Haiut (Dec 08)
- <Possible follow-ups>
- Re: login -h Pete Hartman (Dec 07)
- Re: login -h Casper Dik (Dec 07)
- Re: login -h Ed Arnold (Dec 07)
- Re: login -h Bogdan Pelc (Dec 08)
- Re: login -h Adam Shostack (Dec 08)
- Re: login -h Bogdan Pelc (Dec 08)
- Re: login -h Michael Bresnahan (Dec 07)
- Re: login -h Robert M. Haas (Dec 08)
- Re: login -h H Morrow Long (Dec 08)
- Re: login -h der Mouse (Dec 08)