Bugtraq mailing list archives
Re: AIX rlogind
From: gtoal () an-teallach com (Graham Toal)
Date: Fri, 3 Jun 1994 21:56:36 +0100
: I've just checked DEC OSF/1 V2.0. This seems to be partially ok. The -froot : method won't work (I get complaints about -r, -o, and -t being unknown options : which implies its -f option doesn't take an argument). However the -h trick is : still available (but is obviously less severe). I'm not sure it is less severe. Can't it be used for host spoofing when using rlogin - just set up a user of the appropriate name on your own host and rlogin -l -htrusted.host ??? (I haven't been able to test this yet because I don't have any untrusted hosts handy that can get through the log_tcp blocking!) G PS Sorry if this is late - had a vacation and am now catching up...
Current thread:
- Re: AIX rlogind Graham Toal (Jun 03)
- Re: AIX rlogind matthew green (Jun 03)