Bugtraq mailing list archives

Re: -froot??? (AIX rlogin bug)

From: aeppert () ideanet doe state in us (Aaron Eppert)
Date: Fri, 29 Jul 1994 22:04:35 -0400 (EST)


On Fri, 29 Jul 1994, Eric Wedaa wrote:

For instance:
 
   rlogin foobar -l -froot

This gives you root access on any AIX 3.2.X machine.

Does anyone have any history on this trapdoor?  Apparently
it also existed in Linux several generations ago.


        OLD HOLE.  Good ol' rlogind hole.  Yes it gives anyone who
        has access to rlogin and half a brain root.  There is a
        patch available or just disable rlogind.

                Aaron

Current thread:

Re: Bad Advise, (continued)
- - - Re: Bad Advise Mark Moraes (Jul 26)
    - Re: Bad Advise Philip Yzarn de Louraille (Jul 27)
    - Re: Bad Advise jim () Tadpole COM (Jul 26)
    - Re: Re: Bad Advise Pete Hartman (Jul 26)
    - Re: Bad Advise Evil Pete (Jul 26)
    - Re: Bad Advise David Lawrence Oppenheimer (Jul 26)
    - Re: Bad Advise Harold van Aalderen (Jul 26)
    - Re: Bad Advise Christopher Klaus (Jul 26)
    - Re: Bad Advise Timothy Newsham (Jul 27)
    - -froot??? (AIX rlogin bug) Eric Wedaa (Jul 29)
    - Re: -froot??? (AIX rlogin bug) Aaron Eppert (Jul 29)
    - Re: -froot??? (AIX rlogin bug) Mark G. Scheuern (Jul 30)
    - Re: -froot??? (AIX rlogin bug) Alexander Haiut (Jul 30)
    - Re: -froot??? (AIX rlogin bug) Baba Z Buehler (Jul 30)
    - Solaris problems? James W. Abendschan (Jul 29)
    - Re: Solaris problems? Steve Davis (Jul 30)
    - Re: Solaris problems? jsz (Jul 30)
    - Re: Solaris problems? Casper Dik (Jul 31)
  - Re: coredumps on setuid programs. Andrew Beckett (Jul 25)