Buffer the overflow slayer
/bin/login exploit
Posted in Business, 13th December 2001 13:28 GMT
Tune into our application security webcast, click here
A buffer overflow vulnerability in login programs used by Sun Solaris and IBM AIX systems could allow crackers to take control of servers, security experts warn.
The flaw arises from the way System V derived implementations of Login work in conjunction with remote access protocols such as Telnet and Rlogin, which are enabled by default on most Unix platforms.
This software bug means environment variables passed over from Telnet and Rlogin are handled incorrectly. As a result a maliciously constructed message might allow hackers to execute arbitrary commands on a target system with superuser privilege.
The issue is serious because an exploit for the vulnerability has been made public, according to security tools vendor Internet Security Systems, which discovered the problem.
Systems running Solaris 8, and earlier versions of Sun's operating system, as well as IBM AIX versions 4.3 and 5.1 are vulnerable, according to an advisory by CERT.
There is no simple workaround for this issue. However, disabling all default terminal communications services and installing SSH will eliminate the vulnerability.
Sun is in the process of testing a patch that will deal with the vulnerability and will be made available here. An interim fix is available from IBM here. ®
See what The Register's experts have to say on application security


The future of SaaS and IT infrastructure management
Solving on-premise email challenges with on-demand services
The business case for application security
Reducing messaging and web security costs with managed services

Win a Samsung C6625!
Is your cameraphone an oxymoron?
Reg Mobile and Wireless newsletter is go! go! go!
Sign up, sign up for The Register IT security newsletter