Re: Linux rlogin hole with libc 5.x

Alan Brown (alan@manawatu.planet.org.nz)
Thu, 6 Jun 1996 20:01:53 +1200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Alan Brown: "Re: brute force"
Previous message: John Orthoefer: "Re: Selecting Good Passwords"
In reply to: Tom Fitzgerald: "Re: brute force"
Next in thread: Pablo Idiaquez: "Re: Linux rlogin hole with libc 5.x"
Next in thread: Alan Brown: "Re: brute force"

The hole in the 5.x libraries is known and specifically warned about in
the kernel documentation file which discusses updating to ELF.

The hole is fixed in libc5.3.12 and later.

Be warned that the 5.x series Libc's are currently classed as "experimental"

The simple solution to the problem is to disable rlogin. There's little
point leaving any inetd service open unless it's actually being used.

AB

Next message: Alan Brown: "Re: brute force"
Previous message: John Orthoefer: "Re: Selecting Good Passwords"
In reply to: Tom Fitzgerald: "Re: brute force"
Next in thread: Pablo Idiaquez: "Re: Linux rlogin hole with libc 5.x"
Next in thread: Alan Brown: "Re: brute force"