[5166] in bugtraq
Re: in.fingerd vulnerability
daemon@ATHENA.MIT.EDU (Brian Hampson)
Fri Aug 22 18:15:26 1997
Date: Wed, 20 Aug 1997 13:55:46 -0700
Reply-To: Brian Hampson <brian@ASL-LABS.BC.CA>
From: Brian Hampson <brian@ASL-LABS.BC.CA>
To: BUGTRAQ@NETSPACE.ORG
I made a call to DG, and the person I spoke with said "That's why it's
commented out, with a warning about security"
So....I reposted the message to the DGUSERS mailing list, and got the following
response. We are in the midst of preparing for the upgrade, so I can't verify
it.
As stated below...apparently it's fixed in MU03. FWIW, DG/UX is officially up
to 4.11MU04,with 4.20 coming soon.
B.
--- BEGIN forwarded message ----------------------------------------------
[...]
> This was posted on the BUGTRAQ(large distribution among the security AND
> hacking communities) mailing list the other day....A HUGE security hole in
> DGUX's finger. A call to DGUX resulted in a "well...that's why it's commented
> out by default"... :(
>
> I'm in the process of submitting an RFE with DG, but I don't have a lot of
> hope.
Brian - FYI - This problem is fixed in revision R4.11MU03 and later of DG/UX.
William Crosmun
Data General Corp.
>
> The only work arounds I can think of are:
>
> 1) disable fingerd
> 2) use tcpwrappers, and have a wrapper program check for the offending pipe and
> other shell specials 3) find a third party fingerd that DOESN'T have this wide
> open door to root.
[...]
-----------------------------------------------------
-- End of forwarded message
-----------------------------------------------------
--
"Vision without action is a daydream. Action without vision is a nightmare"
Brian P. Hampson ASL Analytical Service Laboratories Ltd
System Administrator, Vancouver, BC (604)253-4188
----------------- http://www.asl-labs.bc.ca/ ----------------------------
These opinions are MINE I tell you ....all mine!!! (nobody else wants them)
