Buffer the overflow slayer
Print/bin/login exploit
Posted in Business, 13th December 2001 13:28 GMT
Free whitepaper – PowerEdge M610-M710 spec sheet
A buffer overflow vulnerability in login programs used by Sun Solaris and IBM AIX systems could allow crackers to take control of servers, security experts warn.
The flaw arises from the way System V derived implementations of Login work in conjunction with remote access protocols such as Telnet and Rlogin, which are enabled by default on most Unix platforms.
This software bug means environment variables passed over from Telnet and Rlogin are handled incorrectly. As a result a maliciously constructed message might allow hackers to execute arbitrary commands on a target system with superuser privilege.
The issue is serious because an exploit for the vulnerability has been made public, according to security tools vendor Internet Security Systems, which discovered the problem.
Systems running Solaris 8, and earlier versions of Sun's operating system, as well as IBM AIX versions 4.3 and 5.1 are vulnerable, according to an advisory by CERT.
There is no simple workaround for this issue. However, disabling all default terminal communications services and installing SSH will eliminate the vulnerability.
Sun is in the process of testing a patch that will deal with the vulnerability and will be made available here. An interim fix is available from IBM here. ®
Free whitepaper – SPECjbb2005 performance and power consumption on Dell, HP, and IBM blade servers
What Exchange can't do - and Dell can
Enabling the Agile Data Center
Hosted CRM Can Be Your Secret Weapon to Success!
Market Primer: ERP Systems
Dirty, dirty PCs: The X-rated picture guide
Top 500 supers - rise of the Linux quad-cores
Early adopters bloodied by Ubuntu's Karmic Koala
Sign up, sign up for The Register IT security newsletter