Bugtraq mailing list archives
Re: [linux-security] sliplogin (fwd)
From: nate () mt sri com (Nate Williams)
Date: Tue, 16 Jul 1996 19:27:12 -0500
[ Linux sliplogin bug ]
Interesting. The code is the same on FreeBSD, it looks like. However, on the default distributed system, there isn't a /etc/sliphome directory, which is necessary for sliplogin to startup correctly. Therefore the standard FreeBSD distribution dies out before it gets anywhere near the system command. If you do run slip off of your system however, its much more possible that bad things can happen..
Also, note the following: revision 1.6 date: 1996/04/24 20:18:25; author: pst; state: Exp; lines: +9 -0 Close a security hole in sliplogin. If you use sliplogin as a user shell (in /etc/passwd) upgrade to this version. Reviewed by: bde, peter Submitted by: AUS CERT Obtained from: Linux sliplogin-2.02 So, even if you setup /etc/sliphome, your system won't be vulnerable. Nate
Current thread:
- Re: brute force Jacob Langseth (Jul 10)
- Re: brute force Buckaroo Banzai (Jul 16)
- Holly Wars Aleph One (Jul 16)
- [linux-security] sliplogin (fwd) Paul Danckaert (Jul 16)
- Re: [linux-security] sliplogin (fwd) Nate Williams (Jul 16)
- HP/UX 10.01 Remote Administration accoun Matt Barrie SYD (Jul 16)
- locate Ian Otsane (Jul 16)
- Re: locate Christian Limpach (Jul 17)
- FreeBSD Security Advisory 96:17 - rzsz FreeBSD Security Officer (Jul 17)
- FreeBSD Security Advisory 96:16 - rdist FreeBSD Security Officer (Jul 17)