cert-advisory-request@CERT.SEI.CMU.EDU (CERT Advisory) (03/27/91)
CA-91:02 CERT Advisory
March 26, 1991
SunOS in.telnetd Vulnerability
-------------------------------------------------------------------------
DESCRIPTION:
The Computer Emergency Response Team/Coordination Center (CERT/CC) has
obtained information regarding a vulnerability which affects SunOS 4.1
and 4.1.1 versions of in.telnetd on all Sun 3 and Sun 4 architectures.
The vulnerability has been fixed by Sun Microsystems, Inc.
IMPACT:
The vulnerability allows a user on the system to gain unauthorized
access to other accounts, including root.
SOLUTION:
Sun Microsystems, Inc. has patched versions of in.telnetd available for
SunOS 4.1 and 4.1.1 on all Sun 3 and Sun 4 architectures. The Sun Bug
IDs which are fixed by this patch are: 1054669 1050269 1049886 1042370
1040722 1033809. The Sun Patch ID (which you will need to order the
patch from a Sun Answer Center (phone number 800 USA 4SUN) is:
100125-02. The checksum of the compressed tarfile (filename
1001125-02.tar.Z) is 44522 46. The compressed tarfile is available by
anonymous FTP on ftp.uu.net in sun-dist/1001125-02.tar.Z as well as on
mcsun.eu.net in sun/fixes/1001125-02.tar.Z.
Patch installation instructions are as follows:
# mv /usr/etc/in.telnetd /usr/etc/in.telnetd.FCS
# chmod 600 /usr/etc/in.telnetd.FCS
(These two steps store the old version as a precaution and change the
file mode to that the old version cannot be executed; after verifying
the new version, the old version should be removed.)
# cp sun{3,3x,4,4c}/in.telnetd /usr/etc/in.telnetd
(Be sure to copy the appropriate version for your architecture.)
# chmod 711 /usr/etc/in.telnetd
# chown root /usr/etc/in.telnetd
# chgrp staff /usr/etc/in.telnetd
# kill {any executing in.telnetd process(es) (SEE NOTE)}
NOTE: Be careful in killing existing in.telnetd processes, as they may
be legitimate users attempting to login to the system.
-------------------------------------------------------------------------
Computer Emergency Response Team/Coordination Center (CERT/CC)
Software Engineering Institute
Carnegie Mellon University
Pittsburgh, PA 15213-3890
Internet E-mail: cert@cert.sei.cmu.edu
Telephone: 412-268-7090 24-hour hotline:
CERT personnel answer 7:30a.m.-6:00p.m. EST.
On call for emergencies during other hours.
Past advisories and other computer security related information are available
for anonymous ftp from the cert.sei.cmu.edu (128.237.253.5) system.