[16] in Security FYI
new security hole found in amd program
daemon@ATHENA.MIT.EDU (mhpower@MIT.EDU)
Tue Aug 24 20:33:24 1999
From: mhpower@MIT.EDU
Date: Tue, 24 Aug 1999 20:33:21 -0400
Message-Id: <199908250033.UAA05321@the-oz.mit.edu>
To: security-fyi@MIT.EDU
Reply-To: net-security@MIT.EDU
A security problem has recently been found in the Unix amd (automount
daemon) -- the problem can allow intruders to break in to your
computer remotely, gaining root access immediately in most cases.
Intruders have been exploiting this vulnerability actively this week
to break into MIT computers, particularly ones running Red Hat Linux.
If there is an amd program running on your computer, you should kill
the process now in order to avoid remote root compromise. The web page
http://web.mit.edu/net-security/www/fyi/fyi-1999-004-amd.html
describes how to kill the process, and contains other information
related to the issue and the possibility of software patches.
Matt Power
Network Security team, MIT Information Systems
