| Field | Value |
| --- | --- |
| VID | 14014 |
| Severity | 40 |
| Port | 513 |
| Protocol | TCP |
| Class | R-Command |
| Detailed Description | A vulnerability in the rlogin daemon of some AIX and Linux systems could allow a remote attacker to gain unauthorized root access to the system. A remote attacker can specify the -froot option to rlogin to cause the server daemon to immediately drop the user into a root shell. This problem is a result of incorrectly parsing the parameters passed to the '/bin/login' program, which results in the attacker logging in as root without being prompted for a password. Vulnerable systems: AIX 3.x; Linux kernel 2.1.x. References: http://www.securityfocus.com/bid/458 and http://www.iss.net/security_center/static/104.php |
| Recommendation | For IBM AIX 3: apply the APAR IX44254 patch, as listed in CERT Advisory CA-1994-09, http://www.cert.org/advisories/CA-1994-09.html. As a workaround, disable rlogin in the /etc/inetd.conf file and restart the inetd process. |
| Related URL | CVE-1999-0113 (CVE) |
| Related URL | http://www.securityfocus.com/bid/458 (SecurityFocus) |
| Related URL | http://www.iss.net/security_center/static/104.php (ISS) |