Bugtraq mailing list archives
Re: AIX rlogind
From: casper () fwi uva nl (Casper Dik)
Date: Sun, 22 May 94 23:19:26 +0200
The rlogind on my machine (a Motorola r32 box) using the shadow 3.3.x package does not exhibit the bug. I'm wondering if it's a composite bug between certain implementations of rlogind and login. I am of the opinion that this is an important point to resolve due to the variety of alternative implementations of rlogind and login out there...

bugtraqers, Has anyone checked to see if Wietse Venema's rlogind in his logdaemon package exhibits the same behavior with shadow 3.3.x login?

If Wietse's logdaemon is compiled with OLD_LOGIN (the default if you don't define NEW_LOGIN), you can use it with shadow's /bin/login. In that case the username argument is not passed on the command line; instead it is read from stdin by login.

So it depends on your rlogin daemon: if the rlogin daemon does the protocol bit of the rlogin protocol, you might be vulnerable as it needs to call a login that understands the -f option and it needs to pass the username on the command line. If your login program does the rlogin protocol, you're not vulnerable.

Some trick with a funny hostname springs to mind, but the hostname is always preceded with a -h so it is never interpreted other than a character string that is a hostname.

Casper
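
Added example, not part of the original post and not taken from any rlogind or login source: a daemon-side check for the case described above, where the daemon passes the remote username on login's command line. `login_sees_f_flag`, `build_naive` and `build_hardened` are hypothetical names, the parser is a simplified model of a getopt-style login, and the `--` handling assumes login stops option parsing there.

```c
#include <stddef.h>
#include <string.h>

/* Simplified model (an assumption, not real login source) of a getopt-style
 * login with options -f, -p and -h <host>: returns 1 if any argument word
 * would be parsed as the -f flag, 0 otherwise. */
int login_sees_f_flag(const char *const *argv)
{
    for (int i = 1; argv[i] != NULL; i++) {
        const char *a = argv[i];
        if (strcmp(a, "--") == 0 || a[0] != '-' || a[1] == '\0')
            break;                  /* "--" or the first operand ends options */
        if (a[1] == 'h') {          /* -h consumes the next word verbatim */
            if (a[2] == '\0' && argv[i + 1] != NULL)
                i++;
            continue;
        }
        if (strchr(a + 1, 'f') != NULL)
            return 1;
    }
    return 0;
}

/* Argv as the post describes it: hostname after -h, then the username
 * exactly as received from the remote side. */
void build_naive(const char *user, const char *host, const char *argv[5])
{
    argv[0] = "login"; argv[1] = "-h"; argv[2] = host;
    argv[3] = user;    argv[4] = NULL;
}

/* Hardened variant: refuse empty or option-like usernames and end option
 * parsing explicitly. Returns 0 on success, -1 if the username is rejected. */
int build_hardened(const char *user, const char *host, const char *argv[6])
{
    if (user == NULL || user[0] == '\0' || user[0] == '-')
        return -1;
    argv[0] = "login"; argv[1] = "-h"; argv[2] = host;
    argv[3] = "--";    argv[4] = user; argv[5] = NULL;
    return 0;
}
```
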