Bugtraq mailing list archives
Re: Fix for Linux/AIX login hole
From: cklaus () shadow net (Christopher Klaus)
Date: Mon, 23 May 94 19:24:13 EDT
That would be a very poor fix, as it would only keep out people using the hole to access 'root'. rsh machine -l -fbin would still work, and if AIX is like most Unixes, getting access to bin, daemon, or one of the other system users leaves little work left to get root. Plus you can login as any real user on the system, passwords are meaningless.
I tried doing rlogin -l -fbin, -fdaemon, etc. It only worked for accounts that had their passwords set, such as root and regular accounts. Since bin and daemon had their passwords as * instead of a real password, I assume login didnt check getty or something was diverting it from letting you gain access. So, its just a matter of fingering the aix machine to find other accounts to log in as. -- Christopher William Klaus <cklaus () shadow net> <iss () shadow net> Internet Security Systems, Inc. 2209 Summit Place Drive, Atlanta,GA 30350-2430. (404)998-5871.
Current thread:
- Re: Fix for Linux/AIX login hole Serge J. Goldstein (May 23)
- Re: Fix for Linux/AIX login hole Doug McLaren (May 23)
- <Possible follow-ups>
- Re: Fix for Linux/AIX login hole Doug Siebert (May 23)
- Re: Fix for Linux/AIX login hole Christopher Klaus (May 23)
- Re: Fix for Linux/AIX login hole H Morrow Long (May 23)
- Re: Fix for Linux/AIX login hole Perry E. Metzger (May 24)
- Re: Fix for Linux/AIX login hole George Boyce (May 24)
- Re: Fix for Linux/AIX login hole Perry E. Metzger (May 24)
- Re: Fix for Linux/AIX login hole Perry E. Metzger (May 24)