CERT_RCP_Advisory
CERT Advisory
cert at cert.sei.cmu.edu
Fri Oct 27 11:25:40 AEST 1989
CERT Advisory
October 26, 1989
Sun RCP vulnerability
A problem has been discovered in the SunOS 4.0.x rcp. If exploited, this
problem can allow users of other trusted machines to execute
root-privilege commands on a Sun via rcp.
This affects only SunOS 4.0.x systems; 3.5 systems are not affected.
A Sun running 4.0.x rcp can be exploited by any other trusted host listed
in /etc/hosts.equiv or /.rhosts. Note that the other machine exploiting
this hole does not have to be running Unix; this vulnerability can be
exploited by a PC running PC/NFS, for example.
This bug will be fixed by Sun in version 4.1 (Sun Bug number 1017314),
but for now the following workaround is suggested by Sun:
Change the 'nobody' /etc/passwd file entry from
nobody:*:-2:-2::/:
to
nobody:*:32767:32767:Mismatched NFS ID's:/nonexistant:/nosuchshell
If you need further information about this problem, please contact
CERT by electronic mail or phone.
J. Paul Holbrook
Computer Emergency Response Team (CERT)
Carnegie Mellon University
Software Engineering Institute
Internet: <cert at SEI.CMU.EDU>
(412) 268-7090 (24 hour hotline)
Acknowledge-To: <RGREENEB at RICEVM1>
More information about the Comp.sys.sun
mailing list