-----BEGIN PGP SIGNED MESSAGE----- =============================================================================== Security Advisory CERT-NL =============================================================================== Author/Source : Teun Nijssen Index : S-97-08 Distribution : World Page : 1 Classification: External Version: 1 Subject : rlogin-term Date : 6-feb-97 =============================================================================== By courtesy of CERT Coordination Center we received the following information. CERT Coordination Center advisory CA-97:06 reports a vulnerability in many implementations of rlogin, including eklogin and klogin. By exploiting this vulnerability, users with access to an account on the system can cause a buffer overflow and execute arbitrary programs as root. The CERT/CC advisory recommends installing a supplied vendor patch for this problem. Until you can do so, we urge you to turn off rlogin or replace it with a supplied wrapper. CERT-NL recommends to handle according to the CERT-CC advise (or better yet to avoid the r-series utilities completely). All CERT Coordination Center advisories and README's are mirrored by CERT-NL. The specific URL's for this case will be: > ftp://ftp.surfnet.nl/surfnet/net-security/cert-cc-mirror/cert_advisories/CA-97.06.rlo > gin-term > ftp://ftp.surfnet.nl/surfnet/net-security/cert-cc-mirror/cert_advisories/CA-97:06.REA > DME The CERT Coordination Center staff thanks AUSCERT and DFN-CERT for their contributions to the development of this advisory. More information about the CERT-NL mirror and notifier services is contained in News items N-95-01 (notifier) and N-95-02 (CERT mirror), both present on ftp://ftp.surfnet.nl/surfnet/net-security/cert-nl/docs/news/ ============================================================================== CERT-NL is the Computer Emergency Response Team for SURFnet customers. SURFnet is the Dutch network for educational, research and related institutes. CERT-NL is a member of the Forum of Incident Response and Security Teams (FIRST). All CERT-NL material is available under: http://www.surfnet.nl/surfnet/security/cert-nl.html ftp://ftp.surfnet.nl/surfnet/net-security In case of computer or network security problems please contact your local CERT/security-team or CERT-NL (if your institute is NOT a SURFnet customer please address the appropriate (local) CERT/security-team). CERT-NL is one/two hour(s) ahead of UTC (GMT) in winter/summer, i.e. UTC+0100 in winter and UTC+0200 in summer (DST). Email: cert-nl@surfnet.nl Phone: +31 302 305 305 Fax: +31 302 305 329 Snailmail: SURFnet bv Attn. CERT-NL P.O. Box 19035 NL - 3501 DA UTRECHT The Netherlands A 7 * 24 hours phone number is available to SURFnet SSC's and FIRST members on request. ============================================================================== -----BEGIN PGP SIGNATURE----- Version: 2.6.3i Charset: cp850 iQCVAwUBMvrxHUU5nQkWIq1FAQE7hQP/StbgkbsgxbZsFXYPTI5b7LjMW9xrbHRO u8PMMlmBv3Uw5i4NYImO4GmsCEVwiHX3ZjAJe+BQ9TzTT0d50kdm4UBiN33lFnC/ bJ52tQOFU+kn7H/EwTgBW1OwIl2Cx/q981ASmRmQIHNx6ku3Av4nXfqXfRfkgkP4 gUHufFDNaeM= =Y288 -----END PGP SIGNATURE-----