[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Fwd: Linux distributions and /bin/login overflow

This is a forwarded message
From: Anton Rager <a_rager@yahoo.com>
To: bugtraq@securityfocus.com
Date: Thursday, December 20, 2001, 12:04:59 AM
Linux distributions and /bin/login overflow
===8<==============Original message text===============

It seems that while Redhat Linux and Caldera Linux
distributions are immune to the recent /bin/login
environ overflow, other Linux distributions are not. 
Several Linux distributions install /bin/login with
SysV login options enabled.

Slackware 8.0 and lower [tested with 8.0, 4.0, 3.3]
has SysV options enabled with /bin/login and is

SuSE 6.1 has SysV options enabled with /bin/login and
is vulnerable.  I don't have a newer SuSE release, so
others will need to verify. It would seem logical that
SuSE 8.3 still includes the SysV login options
enabled, and is probably vulnerable as well.

Other distributions should be checked as well.  A
quick way to check for SysV option capabilities is to
type "login", then enter "root testenv1=test" at the
login: prompt.  Supply your root passwd, and look for
"testenv1" in the output of set.  If it's set, then
your copy of /bin/login supports SysV options.....and
is probably vulnerable. Follow similar procedure to
find overflow possibility/specifics ;)


Anton Rager

Do You Yahoo!?
Check out Yahoo! Shopping and Yahoo! Auctions for all of
your unique holiday gifts! Buy at http://shopping.yahoo.com
or bid at http://auctions.yahoo.com

===8<===========End of original message text===========


Reply to: