Re: Problem with SATAN/VMS

Timothy Newsham (newsham@aloha.net)
Sat, 8 Apr 1995 15:49:44 -1000 (HST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Charles Howes: "Re: All.Net's security testing service"
Previous message: Michael Shields: "Re: All.Net's security testing service"
In reply to: Andreas Siegert: "Re: Problem with SATAN/VMS"

> SATAN on AIX has a similar problem.
> AIX emits a permission denied that the simple test (test -s) doesn't catch
> 
> > The bourne shell script 'rsh.satan' falsely reports a vulnerability on 
> > hosts that are running DEC VMS 6.1  This is because the OS sends the 
> > following message to standard output:
> > 
> > 	UCX$RSHD - Permission denied - host IP addr
> > 
> > To fix, just add a test for the above string to the 'if $TEST -s 
> > "$tmp_file"' test in 'rsh.satan'.

The correct way to test for success or failure is obvious from the
following (from the rshd man page):

DIAGNOSTICS
     Except for the last one listed below, all diagnostic messages are re-
     turned on the initial socket, after which any network connections are
     closed.  An error is indicated by a leading byte with a value of 1 (0 is
     returned in step 9 above upon successful completion of all the steps pri-
     or to the execution of the login shell).

If an rshd does not do this I'd be inclined to call it broken.

> Andreas Siegert       afx@ibm.de / afx@barolo.ak.munich.ibm.com / AFX at IPNET

Next message: Charles Howes: "Re: All.Net's security testing service"
Previous message: Michael Shields: "Re: All.Net's security testing service"
In reply to: Andreas Siegert: "Re: Problem with SATAN/VMS"