Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: AIX rlogind
From: gtoal () an-teallach com (Graham Toal)
Date: Fri, 3 Jun 1994 21:56:36 +0100


: I've just checked DEC OSF/1 V2.0. This seems to be partially ok. The -froot
: method won't work (I get complaints about -r, -o, and -t being unknown options
: which implies its -f option doesn't take an argument). However the -h trick is
: still available (but is obviously less severe).

I'm not sure it is less severe.  Can't it be used for host spoofing
when using rlogin - just set up a user of the appropriate name on your
own host and rlogin -l -htrusted.host ???  (I haven't been able to test
this yet because I don't have any untrusted hosts handy that can get
through the log_tcp blocking!)

G
PS Sorry if this is late - had a vacation and am now catching up...



  By Date           By Thread  

Current thread:
  • Re: AIX rlogind Graham Toal (Jun 03)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault