Title: Sun RCP vulnerability
Released by: CERT
Date: 26th October 1989
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
CA-89:07
Last revised: September 17, 1997
Attached copyright statement
CERT Advisory
October 26, 1989
Sun RCP vulnerability
- -----------------------------------------------------------------------------
A problem has been discovered in the SunOS 4.0.x rcp. If exploited,
this problem can allow users of other trusted machines to execute
root-privilege commands on a Sun via rcp.
This affects only SunOS 4.0.x systems; 3.5 systems are not affected.
A Sun running 4.0.x rcp can be exploited by any other trusted host
listed in /etc/hosts.equiv or /.rhosts. Note that the other machine
exploiting this hole does not have to be running Unix; this
vulnerability can be exploited by a PC running PC/NFS, for example.
This bug will be fixed by Sun in version 4.1 (Sun Bug number 1017314),
but for now the following workaround is suggested by Sun:
Change the 'nobody' /etc/passwd file entry from

    nobody:*:-2:-2::/:

to

    nobody:*:32767:32767:Mismatched NFS ID's:/nonexistant:/nosuchshell

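A check for the workaround above, as an added example that is not part of the CERT advisory or any Sun tooling: it classifies the 'nobody' entry of a passwd-format file and lists the hosts trusted through hosts.equiv/.rhosts style files. The function names and sample files are constructed for illustration; only the two 'nobody' entries come from the advisory.

```shell
#!/bin/sh
# Added example: audit for the CA-89:07 workaround. Function names are hypothetical.

# Classify the 'nobody' line of a passwd-format file:
#   workaround = matches the entry Sun suggests, original = the entry the
#   advisory says to change, other = anything else, missing = no such user.
nobody_status() {
    awk -F: '
        $1 == "nobody" {
            found = 1
            if ($3 == "32767" && $4 == "32767" &&
                $6 == "/nonexistant" && $7 == "/nosuchshell") { print "workaround" }
            else if ($3 == "-2" && $4 == "-2" && $6 == "/" && $7 == "") { print "original" }
            else { print "other" }
            exit
        }
        END { if (!found) print "missing" }
    ' "$1"
}

# Print the first field (host) of every non-empty line in the given trust files.
trusted_hosts() {
    for f in "$@"; do
        [ -r "$f" ] || continue
        awk 'NF { print $1 }' "$f"
    done | sort -u
}

# audit PASSWD TRUSTFILE...  -> exit status 0 only if the workaround is in place.
audit() {
    passwd_file=$1; shift
    st=$(nobody_status "$passwd_file")
    echo "nobody entry in $passwd_file: $st"
    echo "hosts trusted via hosts.equiv/.rhosts:"
    trusted_hosts "$@" | sed 's/^/  /'
    [ "$st" = "workaround" ]
}

# Constructed sample files; on a real host: audit /etc/passwd /etc/hosts.equiv /.rhosts
demo=$(mktemp -d)
printf '%s\n' 'root:*:0:0::/:/bin/sh' 'nobody:*:-2:-2::/:' > "$demo/passwd.before"
printf '%s\n' 'root:*:0:0::/:/bin/sh' \
    "nobody:*:32767:32767:Mismatched NFS ID's:/nonexistant:/nosuchshell" > "$demo/passwd.after"
printf '%s\n' 'hostA' 'hostB user1' > "$demo/hosts.equiv"
audit "$demo/passwd.before" "$demo/hosts.equiv" || echo "=> apply the workaround"
audit "$demo/passwd.after" "$demo/hosts.equiv" && echo "=> workaround in place"
```
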
If you need further information about this problem, please contact
CERT by electronic mail or phone.
- -----------------------------------------------------------------------------
Computer Emergency Response Team (CERT)
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890
Internet: cert@cert.org
Telephone: 412-268-7090 (24-hour hotline)
CERT personnel answer 7:30a.m.-6:00p.m. EST, on call for emergencies other hours.
Past advisories and other information are available for anonymous ftp
from cert.org (192.88.209.5).
- --------------------------------------------------------------------------
Copyright 1989 Carnegie Mellon University. Conditions for use, disclaimers,
and sponsorship information can be found in
http://www.cert.org/legal_stuff.html and http://ftp.cert.org/pub/legal_stuff .
If you do not have FTP or web access, send mail to cert@cert.org with
"copyright" in the subject line.
CERT is registered in the U.S. Patent and Trademark Office.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Revision history
September 17, 1997 Attached Copyright Statement
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQA/AwUBOBS8sVr9kb5qlZHQEQIBzgCeO8NhNed0NofGn1uMIsoSQwt7ZFwAoIfw
6DjB6s7WANGWcepnc/xfTArM
=t8Bp
-----END PGP SIGNATURE-----