Re: Sol2.x Mouse EXPLOIT info - CORRECTION

• Messages sorted by: [ date ][ thread ][ subject ][ author ]
• Next message: David Barr: "Re: Sol2.x Mouse EXPLOIT info - CORRECTION"
• Previous message: der Mouse: "Re: WWW Servers Bandwidth flood on Internet"
• In reply to: David Barr: "Re: Sol2.x Mouse EXPLOIT info - CORRECTION"
• Next in thread: Timothy Newsham: "Re: Sol2.x Mouse EXPLOIT info - CORRECTION"

> 
> In message <199501181524.KAA24318@ussenterprise.async.vt.edu>, Leo Bicknell wri
> tes:
> >	Ok, I'll point out a few things.  "#" is not a valid charactor
> >in a host name, and a good bind server will not return it.  I was
> >unable to get my bind server to return a hostname with a # in it,
> >so even if someone hacked the bind server for your site it wouldn't
> >matter.  
> 
> I don't know of any BIND server which won't let you put in a "#" in
> a host name.  I've done quite a bit of checking of DNS, and I've found
> quite arbitrary characters in people's DNS data.  You can argue
> to the contrary, but that's beyond the scope of this list.
> 
> >	Another thing not considered, is that by default under Ultrix
> >all the network tty's are _unsecure_ meaning root cannot log in on
> >them no matter what .rhosts says.  Unless you have changed this it
> >is absolutely not possible for this to be a problem.
> 
> You mean except for "rsh ultrixhost rm -rf /"
> 
> Remember, with /.rhosts, having unsecure ttys has no effect.
> 
> --Dave
> 



Or instead of rm -rf /, how about using sed to change those ttys to secure to
allow you a normal login?


-- 
Doug Siebert
dsiebert@isca.uiowa.edu

• Next message: David Barr: "Re: Sol2.x Mouse EXPLOIT info - CORRECTION"
• Previous message: der Mouse: "Re: WWW Servers Bandwidth flood on Internet"
• In reply to: David Barr: "Re: Sol2.x Mouse EXPLOIT info - CORRECTION"
• Next in thread: Timothy Newsham: "Re: Sol2.x Mouse EXPLOIT info - CORRECTION"