List: bugtraq
Subject: Re: Vulnerability in HP sysdiag??? and securetty
From: "Beebe, Todd" <Todd_Beebe () exchng1 ! gallup ! com>
Date: 1996-09-25 21:53:34
Funny thing..

I just duplicated the sysdiag bug shown below.. The system I tried
it on is running hpux 10.10, why would HP fix a security bug in 1994
in hpux 9.04, then release it years later in a new release?

Although, the system would not let me log in immediately since root's
.rhosts file was owned by the non-root user (me) who created it with
sysdiag, but since I was the owner of the file I could chown root
.rhosts then the system graciously let me rlogin as root without that
annoying password.

On a side note, if there are any SysAdmins out there using the
/etc/securetty file as a means to disallow direct root login, don't. It
also has a "bug" that HP support never gave me an answer for. If you
use xterm to log in to your server it doesn't use the /etc/securetty file
so the tty is not secure, you can get a direct login as root without
any changes to the system. I thought somewhere within C2 specifications
it talked about disallowing direct root login....

>----------
>From: security-alert@hp.com[SMTP:security-alert@hp.com]
>Sent: Wednesday, September 25, 1996 6:18 PM
>To: Multiple recipients of list BUGTRAQ
>Subject: Vulnerability in HP sysdiag???
>
>To whom it may concern:
>
> Recent bugtraq discussions under the subject: "Vunerability in HP
>sysdiag???"
>discuss exploitations using the system diagnostics.
> The Hewlett-Packard Co. Security Bulletin #11 dated 12-02-94 concerning
>Security Vulnerability in CORE-DIAG fileset references a patch for HP-UX
>release 9.04 (PHSS_4749) that has now been superseded by PHSS_6300. It also
>has a dependency on patch PHKL_6100. When properly installed both patches
>(6300 & 6100) together will circumvent the behavior described.
>
> To subscribe to automatically receive future NEW HP Security
> Bulletins from the HP SupportLine mail service via electronic
> mail, send an email message to:
>
> support@us.external.hp.com (no Subject is required)
>
> Multiple instructions are allowed in the TEXT PORTION OF THE
> MESSAGE, here are some basic instructions you may want to use:
>
> To add your name to the subscription list for new security
> bulletins, send the following in the TEXT PORTION OF THE MESSAGE:
>
> subscribe security_info
>
> To retrieve the index of all HP Security Bulletins issued to
> date, send the following in the TEXT PORTION OF THE MESSAGE:
>
> send security_info_list
>
> To get a patch matrix of current HP-UX and BLS security
> patches referenced by either Security Bulletin or Platform/OS,
> put the following in the text portion of your message:
>
> send hp-ux_patch_matrix
>
> World Wide Web service for browsing of bulletins is available
> via our URL: http://us.external.hp.com
>
> Choose "Support news", then under Support news,
> choose "Security Bulletins"
>
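
A defender-side check for the condition described in the message above (a .rhosts file in root's home that was created by another user), as an added example that is not part of the original post or of HP's bulletin. The function names, finding labels and arguments are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: audit a home directory for risky .rhosts conditions.
# The home directory and expected uid are supplied by the caller (assumptions).

# Print the numeric owner uid of a file (portable: parses `ls -ln`).
file_uid() {
    ls -lnd -- "$1" | awk '{print $3}'
}

# audit_rhosts HOME_DIR EXPECTED_UID
# Prints one finding per line; prints nothing if no .rhosts exists.
audit_rhosts() {
    home=$1
    want_uid=$2
    f="$home/.rhosts"

    # A symlink can point the trust file at content someone else controls.
    if [ -L "$f" ]; then
        echo "SYMLINK $f"
        return 0
    fi
    [ -e "$f" ] || return 0

    echo "PRESENT $f"

    # Owner differs from the account: the file was created by someone else,
    # which is the state the message describes before the chown.
    uid=$(file_uid "$f")
    if [ "$uid" != "$want_uid" ]; then
        echo "OWNER_MISMATCH $f uid=$uid expected=$want_uid"
    fi

    # Group- or world-writable trust file: others can add trusted hosts.
    if [ -n "$(find "$f" -prune \( -perm -020 -o -perm -002 \) -print)" ]; then
        echo "WRITABLE_BY_OTHERS $f"
    fi

    # A "+" in the host or user field trusts every host or every user.
    if awk '$1 == "+" || $2 == "+" { found = 1 } END { exit !found }' "$f"; then
        echo "WILDCARD_ENTRY $f"
    fi
    return 0
}
```

Called with root's home directory and an expected uid of 0, any PRESENT line is worth investigating, since the ownership check alone is defeated once the file has been chowned.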