|
|
Home : Advisories : DECnet-Internet Gateway Vulnerability
| Title: |
DECnet-Internet Gateway Vulnerability |
| Released by: |
CERT |
| Date: |
26th September 1991 |
| Printable version: |
Click here |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
===========================================================================
CA-91:17
Last Revised: September 18,1997
Attached copyright statement
CERT Advisory
September 26, 1991
DECnet-Internet Gateway Vulnerability
- ---------------------------------------------------------------------------
The Computer Emergency Response Team/Coordination Center (CERT/CC) has
received information concerning a vulnerability in the configuration of
the DECnet-Internet gateway software for Digital Equipment Corporation's
(DEC) ULTRIX versions 4.0, 4.1, and 4.2 on all Digital architectures.
Digital Equipment Corporation is aware of this problem and a resolution
for this vulnerability will be included in a future release. Digital
and the CERT/CC strongly recommend that sites exposed to this vulnerability
immediately institute the workaround detailed in this advisory.
- ---------------------------------------------------------------------------
I. Description
When installing the DECnet-Internet gateway software it is necessary to
create a guest account on the ULTRIX gateway host. By default, this
account has /bin/csh as its shell. By virtue of the guest account
having a valid shell, the DECnet-Internet gateway software can be
exploited to allow unauthorized root access.
II. Impact
Anyone using the DECnet-Internet gateway can gain unauthorized
root privileges on the ULTRIX gateway host.
III. Solution
This section describes a workaround for this vulnerability.
Disable the guest account by editing the /etc/passwd file and setting
the shell field for the guest account to /bin/false. Also, ensure the
guest account has the string "NoLogin" in the password field as detailed
in the DECnet-Internet installation manual.
Even if you have not installed or are not running the DECnet-
Internet gateway software, Digital recommends that you implement the
workaround solution stated above.
- ---------------------------------------------------------------------------
The CERT/CC wishes to thank R. Scott Butler of the Du Pont Company for
bringing this vulnerability to our attention and for his further
assistance with the temporary workaround.
- ---------------------------------------------------------------------------
If you believe that your system has been compromised, contact CERT/CC via
telephone or e-mail.
Computer Emergency Response Team/Coordination Center (CERT/CC)
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890
Internet E-mail: cert@cert.org
Telephone: 412-268-7090 24-hour hotline:
CERT/CC personnel answer 7:30a.m.-6:00p.m. EST/EDT,
on call for emergencies during other hours.
Past advisories and other computer security related information are available
for anonymous ftp from the cert.org (192.88.209.5) system.
- -------------------------------------------------------------------------
Copyright 1991 Carnegie Mellon University. Conditions for use, disclaimers,
and sponsorship information can be found in
http://www.cert.org/legal_stuff.html and http://ftp.cert.org/pub/legal_stuff .
If you do not have FTP or web access, send mail to cert@cert.org with
"copyright" in the subject line.
CERT is registered in the U.S. Patent and Trademark Office.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Revision History
September 18,1997 Attached Copyright Statement
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQA/AwUBOBS9XFr9kb5qlZHQEQIrbQCfbiGRc8rYEIdP6FR+s2B0a+1mBIQAn1fq
meEwwrGxNZEv4EiXytRVF2Gc
=8/2b
-----END PGP SIGNATURE-----
|
