[472] in linux-security and linux-alert archive
Re: SSLtelnet patch
daemon@ATHENA.MIT.EDU (Peter Tobias)
Wed Nov 8 17:43:04 1995
To: iialan@iifeak.swan.ac.uk (Alan Cox)
Date: Wed, 8 Nov 1995 00:54:40 +0100 (MET)
From: "Peter Tobias" <tobias@server.et-inf.fho-emden.de>
Cc: linux-security@tarsier.cv.nrao.edu
Reply-To: tobias@et-inf.fho-emden.de
In-Reply-To: <m0tCPu4-00014AC@iiit.swan.ac.uk> from "Alan Cox" at Nov 6, 95 11:39:51 am
Alan Cox wrote:
>
> > This patch address the current CERT advisory about the telnet
> > vulnerability. It was created under linux using SSLtelnet 0.2.
> > Iam not sure what the latest is but here it is anyway.
> > You need to change LD_LIBRARY_PATH to whatever is dangerous in your
> > OS.
> >
> No it doesnt. There are other variables you must clear (PRELOAD/ELF/AOUT
> only variables) - and if you use login shell scripts for restricted acocunts
> IFS.
And probably ENV (bash). With ENV you can start a script _before_ it
will start the login shell script. With a simple script you can
gain access to all such accounts. I changed the telnetd of the Debian
distribution to not export ENV. Other distribution maintainers should
do the same.
Peter
--
Peter Tobias EMail:
Fachhochschule Ostfriesland tobias@et-inf.fho-emden.de
Fachbereich Elektrotechnik und Informatik tobias@perseus.fho-emden.de
Constantiaplatz 4, 26723 Emden, Germany
