VERY Dangerous Hole ...
Wietse Venema
wswietse at eutrc3.UUCP
Tue Mar 7 03:49:22 AEST 1989
Reply-to: wswietse at eutrc3.UUCP (Wietse Venema)
In article <81555 at felix.UUCP> slouder at note.nsf.gov (Steve Loudermilk) writes:
|Reply-to: slouder at note.nsf.gov (Steve Loudermilk)
|
|Hi,
|
|On 22 Dec 88, a notice was posted on this bulletin board by a
|Mr. Ning Zhang in Germany announcing he had discovered a "very
|dangerous security hole in UNIX". He said he had drafted a report
|on it.
|
|I was of the opinion that much more would be forthcoming if there
|really was such a problem. Nothing else has been posted concerning
|this. And I have seen nothing on other BBs which are linked to this
|message. I was ready to write it off as a false alarm. However, other's
|in my office, and rightly so, have urged me to "close the loop" and
|find out for sure.
|
|Is there really a big problem? Is it the same as ftp, finger,
|or sendmail problems which have been handled so well by others in the
|internet community?
|
|Excuse me if I have missed something here, but I believe such an
|announcement deserves a followup explanation.
|
|Thanks,
|
|----------------------------------------------------------------------
|Steve Loudermilk Internet: slouder at note.nsf.gov
|Integrated Microcomputer Systems Inc. Phonenet: (202) 357-9648
|----------------------------------------------------------------------
The problem is real and has been found on several BSD-like UNIX
versions (Ultrix, Alliant, Sun). It occurs when the finger field of a
passwd file entry becomes longer than the internal buffers used by
programs such as chsh(1).
--
uucp: wswietse at eutrc3.UUCP | Eindhoven University of Technology
bitnet: wswietse at heithe5.BITNET | Dept. of Mathematics and Computing Science
surf: tuerc5::wswietse | Eindhoven, The Netherlands.
More information about the Comp.unix.ultrix
mailing list