Copy Link
Add to Bookmark
Report

CERT Advisory 020

eZine's profile picture
Published in 
CERT Advisory
 · 4 years ago

  


-----BEGIN PGP SIGNED MESSAGE-----

CA-91:02a REVISED CERT Advisory
March 27, 1991
SunOS in.telnetd Vulnerability

- -------------------------------------------------------------------------

*** THIS IS A REVISED CERT ADVISORY ***
*** CONTAINS NEW INFORMATION AND A CORRECTION ***


DESCRIPTION:

The Computer Emergency Response Team/Coordination Center (CERT/CC) has
obtained information from Sun Microsystems, Inc. regarding a vulnerability
affecting SunOS 4.1 and 4.1.1 versions of in.telnetd on all Sun 3 and
Sun 4 architectures. This vulnerability also affects SunOS 4.0.3 versions
of both in.telnetd and in.rlogind on all Sun3 and Sun 4 architectures.
To our knowledge, a vulnerability does not exist in the SunOS 4.1 and 4.1.1
versions of in.rlogind. The vulnerability has been fixed by Sun Microsystems,
Inc.

This advisory has been revised to include information on the new patches
available for SunOS 4.0.3. The CERT would also like to mention that the
name of the compressed tarfile included in the previous CERT Advisory,
CA-91:02, was incorrect. It was listed as 1001125-02.tar.Z and it should
have been 100125-02.tar.Z. We regret any inconvenience this may have caused.

Please be aware that the new compressed tarfile provided by Sun Microsystems,
Inc. includes all of the patched files for SunOS 4.0.3, SunOS 4.1, and
SunOS 4.1.1. That is, the tarfile contains the new patches for SunOS
4.0.3 as well as those files previously distributed in the 100125-02.tar.Z
tarfile. The installation of the patch differs between SunOS 4.0.3
and SunOS 4.1.x.


IMPACT:

The vulnerability allows a user on the system to gain unauthorized
access to other accounts, including root.


SOLUTION for SunOS 4.0.3 and 4.0.3c:

Sun Microsystems, Inc. has patched versions of in.telnetd and in.rlogind
available for SunOS 4.0.3 on all Sun 3 and Sun 4 architectures. The Sun
Patch ID is 100125-03 which is needed when ordering the patch from a Sun
Answer Center. In the US, telephone (800) USA-4SUN. The checksum of the
compressed tarfile (filename 100125-03.tar.Z) is 17128 102. The compressed
tarfile is available by anonymous FTP on uunet.uu.net (192.48.96.2) in
sun-dist/100125-03.tar.Z. Please note: This compressed tarfile
also includes patched versions of in.telnetd for SunOS 4.1 and 4.1.1.
Please disregard these files.


SunOS 4.0.3 patch installation instructions are as follows:

# mv /usr/etc/in.telnetd /usr/etc/in.telnetd.FCS
# mv /usr/etc/in.rlogind /usr/etc/in.rlogind.FCS
# chmod 600 /usr/etc/in.telnetd.FCS
# chmod 600 /usr/etc/in.rlogind.FCS

(These four steps store the old versions as a precaution and change the
file modes so that the old versions cannot be executed. After verifying
the new versions, the old versions should be removed.)


# cp sun{3,3x,4,4c}/{4.0.3,4.0.3c}/in.telnetd /usr/etc/in.telnetd
# cp sun{3,3x,4,4c}/{4.0.3,4.0.3c}/in.rlogind /usr/etc/in.rlogind

(Be sure to copy the appropriate versions for your architecture.)


# chmod 711 /usr/etc/in.telnetd
# chmod 711 /usr/etc/in.rlogind
# chown root /usr/etc/in.telnetd
# chown root /usr/etc/in.rlogind
# chgrp staff /usr/etc/in.telnetd
# chgrp staff /usr/etc/in.rlogind
# kill {any executing in.telnetd and in.rlogind process(es) (SEE NOTE)}

NOTE: Be careful in killing existing in.telnetd and in.rlogind processes,
as they may be legitimate users attempting to login to the system.

- -------------------------------------------------------------------------


SOLUTION for SunOS 4.1 and 4.1.1:

Sun Microsystems, Inc. has patched versions of in.telnetd available for
SunOS 4.1 and 4.1.1 on all Sun 3 and Sun 4 architectures. The Sun
Patch ID is 100125-03 which is needed when ordering the patch from a Sun
Answer Center. In the US, telephone (800) USA-4SUN. The checksum of the
compressed tarfile (filename 100125-03.tar.Z) is 17128 102. The compressed
tarfile is available by anonymous FTP on uunet.uu.net (192.48.96.2) in
sun-dist/100125-03.tar.Z. Please note: This tarfile includes patched
versions of in.telnetd and in.rlogind for SunOS 4.0.3. Please disregard
these files.

Patch installation instructions are as follows:

# mv /usr/etc/in.telnetd /usr/etc/in.telnetd.FCS
# chmod 600 /usr/etc/in.telnetd.FCS

(These two steps store the old version as a precaution and change the
file mode to that the old version cannot be executed; after verifying
the new version, the old version should be removed.)

# cp sun{3,3x,4,4c}/4.1/in.telnetd /usr/etc/in.telnetd

(Be sure to copy the appropriate version for your architecture.)

# chmod 711 /usr/etc/in.telnetd
# chown root /usr/etc/in.telnetd
# chgrp staff /usr/etc/in.telnetd
# kill {any executing in.telnetd process(es) (SEE NOTE)}

NOTE: Be careful in killing existing in.telnetd processes, as they may
be legitimate users attempting to login to the system.

- -------------------------------------------------------------------------
Computer Emergency Response Team/Coordination Center (CERT/CC)
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890

Internet E-mail: cert@cert.org
Telephone: 412-268-7090 24-hour hotline:
CERT personnel answer 7:30a.m.-6:00p.m. EST.
On call for emergencies during other hours.

Past advisories and other computer security related information are available
for anonymous ftp from the cert.org (192.88.209.5) system.



-----BEGIN PGP SIGNATURE-----
Version: 2.6.2

iQCVAwUBMaMwnHVP+x0t4w7BAQGjdgP/bynVCWMrrk2J9Y9Fg+1dCnuD9mpYEsmZ
JBbUTYcksF6WI/FNctHUaiDzNUGtnwmdpeKAAk3qSbzKfuObY4AYA1ZXJe55wrwA
IxE9Q0kiogMnXc+ifmflKS4/ObE7WT81UWZshzUVW/KJwtRiOd7zIAowVLh45xst
DeYRlpcwPhk=
=ChPW
-----END PGP SIGNATURE-----

← previous
next →
loading
sending ...
New to Neperos ? Sign Up for free
download Neperos App from Google Play
install Neperos as PWA

Let's discover also

Recent Articles

Recent Comments

Neperos cookies
This website uses cookies to store your preferences and improve the service. Cookies authorization will allow me and / or my partners to process personal data such as browsing behaviour.

By pressing OK you agree to the Terms of Service and acknowledge the Privacy Policy

By pressing REJECT you will be able to continue to use Neperos (like read articles or write comments) but some important cookies will not be set. This may affect certain features and functions of the platform.
OK
REJECT