[911] in linux-security and linux-alert archive
[linux-security] sliplogin
daemon@ATHENA.MIT.EDU (David Holland)
Tue Jul 16 05:42:43 1996
From: David Holland <dholland@hcs.HARVARD.EDU>
To: linux-security@tarsier.cv.nrao.edu
Date: Mon, 15 Jul 1996 21:56:36 -0400 (EDT)
Anyone running a version of sliplogin older than sliplogin-2.1.0
(which can be gotten from sunsite.unc.edu:/pub/Linux/system/Network/serial
or ftp.uk.linux.org:/pub/linux/Networking/transports) should remove it
or upgrade it immediately.
It does
setuid(0);
if (s = system(logincmd)) {
:
}
without clearing the environment first. Therefore, anybody can get
root trivially.
The sliplogin from NetKit-B-0.06 is affected.
Current RedHat sliplogin is not affected.
Others I don't know about.
--
- David A. Holland | Number of words in the English language that
dholland@hcs.harvard.edu | exist because of typos or misreadings: 381