Re: To kill a sun:

Paul Nash (pnash@HANSHAN.BBNPLANET.COM)
Mon, 15 Dec 1997 09:58:06 -0500

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Rick Byers: "Re: buffer overflows in cracklib?!"
Previous message: Wilton Wong - ListMail: "Re: Buffer overrun in Redhat 5.0"
Maybe in reply to: Jason Zapman II: "To kill a sun:"

>
> It appears that sunkill.c does not have any appreciable affect on a
> Solaris 2.5.1 system when they are running the MIT Kerberos v5 1.0.4
> suite of network authentication utilities (telnetd, rlogind, etc...)
> whether the machine is a sun4m machine on le0 (10Mb/s ethernet), a
> sun4u machine on hme0 (100Mb/s ethernet), or a Solarisx86 2.5.1
> machine on de0 (10Mb/s ethernet). uname's below w/ patchlevels.
>

Of note, Wieste Venema's telnetd (included in his logdaemon package) is
immune to this attack.

>From the README:

telnetd pretty dumb BSD 4.3 telnetd. No access control or logging,
but compatible with SunOS 4.x, Ultrix 4.x, SunOS 5.x.
Relatively poor in features (no environment passing) so there
is less risks of surprises.

This just might be the quickfix people are looking for. You can find it
at:

ftp://ftp.win.tue.nl/pub/security/logdaemon-5.6.tar.gz

-Paul

------
Paul Nash
GTE Internetworking - Powered by BBN
617 873 6604

Next message: Rick Byers: "Re: buffer overflows in cracklib?!"
Previous message: Wilton Wong - ListMail: "Re: Buffer overrun in Redhat 5.0"
Maybe in reply to: Jason Zapman II: "To kill a sun:"