Solaris, AIX Login Hole

← Back to Stories (view on slashdot.org)

Posted by michael on Thursday December 13, 2001 @05:54AM from the still-another-reason-not-to-use-telnet dept.

An anonymous submitter sent in: "A CERT Advisory describes a buffer overflow vulnerability in implementations of login derived from System V, which includes among Solaris 8 and earlier and AIX 4.3/5.1. "An exploit exists and may be circulating." Vendors are testing fixes." There's a Reuters story as well.

7 of 267 comments (clear)

Let me guess... by wiredog · 2001-12-13 06:00 · Score: 5, Funny

You can login as kt and get root.

--

Best Slashdot Co
The FBI is disappointed. . . by Slicebo · 2001-12-13 06:05 · Score: 5, Funny

I guess that fixing this issue will delay delivery of "Magic Lantern for Unix" for a few months.
1. Re:The FBI is disappointed. . . by jd · 2001-12-13 06:26 · Score: 4, Funny
  
  Shhhhhhhhhhh! The FBI still thinks that Windows is the only OS out there, and that Bill Gates invented the Internet!
  
  --
  It's a small world and it smells funny; I'd buy another if it wasn't for the money; Take back what I paid (SoM)
2. Re:The FBI is disappointed. . . by CoolVibe · 2001-12-13 06:46 · Score: 3, Funny
  
  *SLAP* no, Al Gore invented the internet, not Bill Gates... sheesh...
  :-)
'Another Gaping security hole goes unpatched?' by Anonymous Coward · 2001-12-13 06:08 · Score: 3, Funny

Isn't this where Michael says:
'Another gaping security hole goes unpatched by Microsoft... Uh, I mean, er, Sun' ?
Re:Another argument for open source by gilroy · 2001-12-13 07:48 · Score: 3, Funny

Blockquoth the poster:

It's an unchecked buffer, for God's sake. Most C coders can fix a problem like this in their sleep.

... which is good, since that's apparently where they're coding, too. :)

--
The Mongrel Dogs Who Teach
...have already won by Anonymous Coward · 2001-12-13 08:21 · Score: 1, Funny

If we can't use Telnet, then the terrorists have already won!