-----BEGIN PGP SIGNED MESSAGE-----
CA-89:07
CERT Advisory
October 26, 1989
Sun RCP vulnerability
- -----------------------------------------------------------------------------
A problem has been discovered in the SunOS 4.0.x rcp. If exploited,
this problem can allow users of other trusted machines to execute
root-privilege commands on a Sun via rcp.
This affects only SunOS 4.0.x systems; 3.5 systems are not affected.
A Sun running 4.0.x rcp can be exploited by any other trusted host
listed in /etc/hosts.equiv or /.rhosts. Note that the other machine
exploiting this hole does not have to be running Unix; this
vulnerability can be exploited by a PC running PC/NFS, for example.
This bug will be fixed by Sun in version 4.1 (Sun Bug number 1017314),
but for now the following workaround is suggested by Sun:
Change the 'nobody' /etc/passwd file entry from
nobody:*:-2:-2::/:
to
nobody:*:32767:32767:Mismatched NFS ID's:/nonexistant:/nosuchshell
If you need further information about this problem, please contact
CERT by electronic mail or phone.
- -----------------------------------------------------------------------------
Computer Emergency Response Team (CERT)
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890
Internet:
[email protected]
Telephone: 412-268-7090 24-hour hotline: CERT personnel answer
7:30a.m.-6:00p.m. EST, on call for
emergencies other hours.
Past advisories and other information are available for anonymous ftp
from cert.org (192.88.209.5).
-----BEGIN PGP SIGNATURE-----
Version: 2.6.2
iQCVAwUBMaMwdHVP+x0t4w7BAQEBIgQAiCG7EKfDyc4uiFM7XLDu8QV07sgVLu/t
DZjjt8zURlBvjlkPf2NLdZr15w+DrtjHKFwbUPMEfy7k9K3CHOVi7o1CeTsBQPhD
JCQvzjGZ4RBHz7oC857qkecV45DAh1hgX5bYYZqDFFgqtDaIIMZ7bXuz9C+lky45
YVshgM88QO4=
=p0DR
-----END PGP SIGNATURE-----
