***********************************************************************
DDN Security Bulletin 9108 DCA DDN Defense Communications System
23 MAY 91 Published by: DDN Security Coordination Center
(
[email protected]) (800) 235-3155
DEFENSE DATA NETWORK
SECURITY BULLETIN
The DDN SECURITY BULLETIN is distributed by the DDN SCC (Security
Coordination Center) under DCA contract as a means of communicating
information on network and host security exposures, fixes, & concerns
to security & management personnel at DDN facilities. Back issues may
be obtained via FTP (or Kermit) from NIC.DDN.MIL [192.67.67.20]
using login="anonymous" and password="guest". The bulletin pathname is
SCC:DDN-SECURITY-yynn (where "yy" is the year the bulletin is issued
and "nn" is a bulletin number, e.g. SCC:DDN-SECURITY-9001).
**********************************************************************
AT&T System V Release 4 /bin/login Vulnerability
+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +
! !
! The following important advisory was issued by the Computer !
! Emergency Response Team (CERT) and is being relayed unedited !
! via the Defense Communications Agency's Security Coordination !
! Center distribution system as a means of providing DDN !
! subscribers with useful security information. !
! !
+ - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - +
CA-91:08 CERT Advisory
May 23, 1991
AT&T System V Release 4 /bin/login Vulnerability
---------------------------------------------------------------------------
The Computer Emergency Response Team/Coordination Center (CERT/CC) has
received information concerning a security vulnerability in AT&T's UNIX(r)
System V Release 4 operating system. AT&T is providing a software upgrade
for Release 4 operating system vendors and a patch for AT&T Computer Systems
customers. AT&T has also provided a suggested fix for all Release 4
based systems.
---------------------------------------------------------------------------
I. DESCRIPTION:
A security vulnerability exists in /bin/login in AT&T's System V
Release 4 operating system.
II. IMPACT:
System users can gain unauthorized privileges.
III. SOLUTION:
A. AT&T Computer Systems customers
Log into the root account. Change the execution permission on
the file /bin/login.
chmod 500 /bin/login
Contact AT&T Computer Systems at 800-922-0354 to obtain a fix.
The numbers associated with the fix are 156 (3.5" media) and
157 (5.25" media).
International customers should contact their local AT&T
Computer Systems representative.
B. All other System V Release 4 based systems
Log into the root account. Change the execution permission on
the file /bin/login.
chmod 500 /bin/login
Release 4 customers should contact their operating system
supplier for details on the availability of the software
update.
---------------------------------------------------------------------------
The CERT/CC would like to thank AT&T for their timely response to our
report of this vulnerability.
---------------------------------------------------------------------------
If you believe that your system has been compromised, contact CERT/CC via
telephone or e-mail.
Computer Emergency Response Team/Coordination Center (CERT/CC)
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890
Internet E-mail:
[email protected]
Telephone: 412-268-7090 24-hour hotline:
CERT/CC personnel answer 7:30a.m.-6:00p.m. EST,
on call for emergencies during other hours.
Past advisories and other computer security related information are available
for anonymous ftp from the cert.sei.cmu.edu (128.237.253.5) system.
Downloaded From P-80 International Information Systems 304-744-2253
