OSVDB ID: 1007

Title: Multiple Unix Vendor rlogin -froot Remote Authentication Bypass

Info

Disclosure
May 21, 1994

Discovery
Jan 01, 1994

Dates

Exploit
May 21, 1994

Solution
Unknown

Description

 The rlogin command of multiple Unix vendor contains a flaw that may allow a remote attacker to bypass authentication settings. The issue is triggered when using the '-froot' parameter, which allows a remote attacker to gain root access on a system without being prompted for a password resulting in a loss of integrity.

Classification

 Location: Remote / Network Access, Local / Remote
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Patch / RCS
Exploit: Exploit Public
Disclosure: OSVDB Verified, Uncoordinated Disclosure, Discovered in the Wild

Solution

 Contact your vendor for an appropriate patch. It is also possible to correct the flaw by implementing the following workaround: comment out the 'rlogin' line in /etc/inetd.conf and restart the inetd process.

Products

International Business Machines Corporation

AIX

 3.1.x
3.2.x

Unknown Distribution

Linux

 Unknown or Unspecified

Silicon Graphics, Inc.

IRIX

 Unknown or Unspecified

References

Credit
  • Pug - pugarlut.utexas.edu -


Direct URL: http://osvdb.org/1007