[582] in SIPB_Linux_Development
Re: telnetd/login hole
daemon@ATHENA.MIT.EDU (Erik Nygren)
Thu May 26 05:39:27 1994
To: David Krikorian <dkk@MIT.EDU>
Cc: linux-dev@MIT.EDU
In-Reply-To: Your message of Thu, 26 May 94 05:14:09 -0400.
<9405260914.AA28180@hal-2000.MIT.EDU>
Date: Thu, 26 May 94 05:39:18 EDT
From: Erik Nygren <nygren@MIT.EDU>
>> I'm somewhat concerned by the concensus that our machines aren't
>> affected by this security hole. I've only checked on two linux
>> systems, both Slackware 1.1, I think, and both were vulnerable. I'm
>> actually getting quite spoiled by never having to type my password (or
>> the root password).
The problem is definatley there in Slackware 1.1.1. It may be
in 1.1.2. It doesn't seem to be in 1.2.0 (which keesh is running),
depending on if requiring a space after the -f fixes the problem.
--- Erik
(Still shivering from the draft let in through this barn door)
