Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1994_4

Bugtraq archives for 4th quarter (Oct-Dec) 1994: Re: login -h

Re: login -h

Bogdan Pelc (pelcfb3-s7.math.tu-berlin.de)
Thu, 8 Dec 1994 09:26:14 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Jason Matthews: "Re: Race conditions"
Previous message: Damir Rajnovic: "exec login"
In reply to: Ed Arnold: "Re: login -h"
Next in thread: Adam Shostack: "Re: login -h"

>>>>> "EA" == Ed Arnold <eraucar.edu> writes:

  EA> James Bonfield wrote:
  >> A typical spoof would be:
  >> 
  >> rlogin targethost -l -htargethost
  >> 
  >> Then type in the user and password. It'll then appear to last, who and
  >> probably finger, on targethost that the user has logged in from that
  >> system, not from remotely.
  >> 
  >> This bug occurs on several systems, such as DEC OSF/1 V3.0 and
  >> Concentrix 2.1.  I have tried Solaris 2.3 and SunOS 4.1 which both
  >> appear to be safe from this at first glance. (We haven't got a newer
  >> SunOS 4.x unfortunately! So I've done no tests on 4.1.3U1.) I expect
  >> most other systems are safe too.

  EA> Both 4.1.3_U1 and AIX 3.2.5 appear to be safe ...

But not on AIX 3.2.4, on this system this Trick does its work.

____________________________________________________________________________
      Bogdan Pelc; Sekr. 6-3, Ma666; Tel: 030-31425746, 030-31422491
			  pelcmath.tu-berlin.de

Do You realize , that this world is totally FUGAZI, where are the poets,
where are the visionaries ...  (FISH)

Next message: Jason Matthews: "Re: Race conditions"
Previous message: Damir Rajnovic: "exec login"
In reply to: Ed Arnold: "Re: login -h"
Next in thread: Adam Shostack: "Re: login -h"