[2696] in bugtraq
Re: Linux rlogin hole with libc 5.x
daemon@ATHENA.MIT.EDU (Alan Brown)
Thu Jun 6 12:55:38 1996
Date: Thu, 6 Jun 1996 20:01:53 +1200
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
From: Alan Brown <alan@manawatu.planet.org.nz>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
In-Reply-To: <199606060547.BAA13955@draco.mv.com>
The hole in the 5.x libraries is known and specifically warned about in
the kernel documentation file which discusses updating to ELF.
The hole is fixed in libc5.3.12 and later.
Be warned that the 5.x series Libc's are currently classed as "experimental"
The simple solution to the problem is to disable rlogin. There's little
point leaving any inetd service open unless it's actually being used.
AB
