[444] in Best-of-Security
BoS: Major security-hole in kerberos rsh, rcp and rlogin.
daemon@ATHENA.MIT.EDU (Artur Grabowski)
Tue Nov 11 23:06:32 1997
Old-X-Envelope-From: e96_agr@e.kth.se Mon Nov 3 12:19:27 1997
Date: Mon, 03 Nov 1997 02:18:49 +0100
From: Artur Grabowski <e96_agr@e.kth.se>
Old-X-Originally-To: To: best-of-security@cyber.com.au
Old-X-Originated-From: From: Artur Grabowski <e96_agr@e.kth.se>
Errors-To: best-of-security-request@cyber.com.au
To: best-of-security@cyber.com.au
Resent-From: best-of-security@cyber.com.au
There has been discovered a security-hole in kerberized rsh, rcp and rlogin.
Everyone who has setuid-bits set on these applications is adviced to disable
them.
The hole allows any user on the system to gain privilegies of any other user
including root.
The hole has been successfully tested on kth-kerberos, but is suspected to
exist on any other versions of kerberos.
//Artur Grabowski (administrator on stacken.kth.se)
