Sicherheitsluecke bei rlogin auf Linux [LSF Update#11: Vulnerability of rlogin] (fwd)
FYI :
Here's what we got from CERT a few minutes ago.
- -----BEGIN PGP SIGNED MESSAGE-----
Linux Security FAQ Update
rlogin Vulnerability
Tue Jul 30 17:51:57 EDT 1996
Copyright (C) 1995 Alexander O. Yuriev (alex@bach.cis.temple.edu)
CIS Laboratories
TEMPLE UNIVERSITY
U.S.A.
=============================================================================
This is an official update of the Linux security FAQ, and it is supposed to
be signed by one of the following PGP keys:
pub 1024/9ED505C5 1995/12/06 Jeffrey A. Uphoff <juphoff@nrao.edu>
Jeffrey A. Uphoff <jeff.uphoff@linux.org>
1024/EFE347AD 1995/02/17 Olaf Kirch <okir@monad.swb.de>
1024/ADF3EE95 1995/06/08 Linux Security FAQ Primary Key <Alexander O. Yuriev>
Unless you are able to verify at least one of signatures, please be very
careful when following instructions.
Linux Security WWW: http://bach.cis.temple.edu/linux/linux-security
linux-security & linux-alert mailing list archives:
ftp://linux.nrao.edu/pub/linux/security/list-archive
=============================================================================
ABSTRACT
A vulnerability exists in the rlogin program of NetKitB-0.6
This vulnerability affects several widely used Linux
distributions, including RedHat Linux 2.0, 2.1 and derived
systems including Caldera Network Desktop, Slackware 3.0 and
others. This vulnerability is not limited to Linux or any
other free UNIX systems. Both the information about this
vulnerability and methods of its expolit were made available
on the Internet.
RISK ASSESMENT
Local and remote users could gain super-user priviledges
DISTRIBUTION FIXES
Red Hat Commercial Linux
Red Hat Linux version 2.0 and 2.1 contains
vulnerable program unless NetKit-B-0.06-7.i386.rpm
was installed.
In order to fix the vulnerability install
NetKit-B-0.06-7 rpm available from
ftp://ftp.redhat.com/pub/redhat/old-releases/redhat-2.1/i386/updates/RPMS/NetKit-B-0.06-7.i386.rpm
ftp://bach.cis.temple.edu/pub/Linux/security/DISTRIBUTION-FIXES/RedHat-2.1/NetKit-B-0.06-7.i386.rpm
ftp://tarsier.cv.nrao.edu/pub/linux/security/DISTRIBUTION-FIXES/RedHat-2.1/NetKit-B-0.06-7.i386.rpm
Please verify the MD5 signature of the RPM prior to
installing it.
601c3f6137a6fb15ae61a6b817395040 NetKit-B-0.06-7.i386.rpm
Red Hat Linux version 3.0.3 (Picasso) does not
contain vulnerable rlogin program.
Caldera Network Desktop
Version 1 of CND contains the vulnerable program
unless NetKit-B-0.06-4c1.i386.rpm was installed.
This RPM is available from
ftp://ftp.caldera.com/pub/cnd-1.0/updates/NetKit-B-0.06-4c1.i386.rpm
ftp://bach.cis.temple.edu/pub/Linux/Security/DISTRIBUTION-FIXES/CND/NetKit-B-0.06-4c1.i386.rpm
ftp://tarsier.cv.nrao.edu/pub/linux/security/DISTRIBUTION-FIXES/CND/NetKit-B-0.06-4c1.i386.rpm
Please verify the MD5 signature of RPM prior to
installing it.
aeb2da201477cd3280fdc09836395c35 NetKit-B-0.06-4c1.i386.rpm
Version 1 of CND upgraded to RedHat Linux 3.0.3
(Picasso) does not contain a vulnerable program.
Debian
Debian Project did not either confirm or deny the
vulnerability of Debian/GNU Linux 1.1.
Debian/GNU Linux systems may be vulnerable if
NetKit-B-0.6 is installed. Until the official
fix-kit is available for Debian/GNU Linux, system
administrators of Debian systems are advised to
follow guidelines under Other Linux Distributions
section.
Slackware
The Slackware Linux distribution Version 3.0 is
confirmed to be vulnerable unless a NetKit newer
than NetKit-B-0.6 is installed.
Until the official fix-kit is available for
Slackware 3.0, the system administrators are advised
to follow the guidelines under Other Linux
Distributions section.
Yggdrasil
Yggdrasil Computing's Plug & Play Linux Fall'95
contains vulnerable rlogin program.
Adam J. Richter from Yggdrasil Computing made an
unofficial fix-kit available at
ftp.yggdrasil.com/pub/support/fall95/rlogin_fix/
We are unable to provide MD5 signature for the fix
kit as we are unable to verify the integrity of the
message.
Other Linux Distributions
System administrators of systems based on other
Linux distributions or distributions that do not
have official patch-kits available are advised to
install newly released NetKit-B-0.7 available from
ftp://ftp.uk.linux.org/pub/linux/Networking/base
and ftp://sunsite.unc.edu/pub/Linux/Incoming
CREDITS
This LSF Update is based on the information provided by Alan
Cox. The first patch for rlogin program was provided by Marc
Ewing of Red Hat Software. Ron Holt of Caldera Inc provided
fixed RPM for Caldera Network Desktop within 3 hours after
the initial contact. Adam J. Richter provided unofficial
information about the unofficial fix-kit for Yggdrasil Plug
and Play Linux Fall'95.
- -----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBMf6EsYxFUz2t8+6VAQFDVAQAloKbM00wdzNCwcyo9Wz8wJo54a+TwYN6
Xua/PFBnhunCpJy/T0BOO/Dh1IBE/mCu2FSNMK/bkRXel6Om9lEzjDHlyeUizeBI
enIAOWQvNBf0e+/lHJXXtCSIWNeSfSysCaP98Y7F6bouZc14l1d/PJg7eSmWikFG
HhgcRl6ZyHM=
=hG1l
- -----END PGP SIGNATURE-----
- ----- End Included Message -----
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2i
iQCVAwUBMgBSFeTyai8iNKttAQGoSgP+Is6c0isLMS2LiXafNVU526TcsVHsuOY6
iLnv1/jENnYhHJp78cRpvAGUvIoIquVDpGQEb9yxv3seCLY+MTqjBVvAhwnGSpGo
ysDd0DboAeLbzEuZVkCZ+tbEYEcZGVkdU7qJfLKBbtFquVbzKWqai7H8gKD0bS5J
r6lOkHtIsHI=
=5QFE
-----END PGP SIGNATURE-----
Reply to: