Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1994_3

Bugtraq archives for 3rd quarter (Jul-Sep) 1994: Re: -froot??? (AIX rlogin bug)

Re: -froot??? (AIX rlogin bug)

Baba Z Buehler (babaph-meter.beckman.uiuc.edu)
Sat, 30 Jul 1994 15:58:03 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: jsz: "Re: Solaris problems?"
Previous message: Alexander Haiut: "Re: -froot??? (AIX rlogin bug)"
In reply to: Eric Wedaa: "-froot??? (AIX rlogin bug)"
Next in thread: Bill Heiser: "Re: -froot??? (AIX rlogin bug)"

ericwfx.com (Eric Wedaa) writes:

> Someone over on the firewalls mailing list just threw out this tidbit:
> 
>    rlogin aix.machine -l -froot
> 
> For instance:
>  
>    rlogin foobar -l -froot
> 
> This gives you root access on any AIX 3.2.X machine.
> 
> Does anyone have any history on this trapdoor?  Apparently
> it also existed in Linux several generations ago.
> 

That's a bit old, and I believe IBM has at least an "unofficial" fix for
it now.  

I run some Linux systems, and I haven't seen the problem in any of the
Linux 1.x releases.

b
--
# Baba Z Buehler
# Beckman Institute Systems Services, Urbana Illinois
#
#  "How come that big box of bright ideas you sent
#   me is the one they say fell off the truck?"  -- Butch Hancock
#
# WWW: http://www.beckman.uiuc.edu/groups/biss/people/baba/
# PGP Public Key available via finger bababeckman.uiuc.edu

Next message: jsz: "Re: Solaris problems?"
Previous message: Alexander Haiut: "Re: -froot??? (AIX rlogin bug)"
In reply to: Eric Wedaa: "-froot??? (AIX rlogin bug)"
Next in thread: Bill Heiser: "Re: -froot??? (AIX rlogin bug)"