RE: Sun Solaris login bug patches out

From: Reg Quinton (
Date: 12/17/01

From: "Reg Quinton" <>
To: "'James Lick'" <>, <>, <>
Date: Mon, 17 Dec 2001 12:50:54 -0500

> 2) Reg Quinton has written a wrapper to login which he believes will
> block an exploit:

Several folks have explained the vulnerability to me and why my trick
doesn't work. This is the most concise:

> from Fletcher Mattox []:
>$ rsh cs -l zortl
>Login incorrect
>login: zortl xxx=yyy <- this is typed by the user on stdin to login
> after the program has been exec'd and command
> line args have been processed. the same code
> processes this line (in getargs()) which is
> used to parse the command line and in which
> the buffer overflow occurs.

A wrapper like I proposed won't help at all there.

Relevant Pages

  • Re: FreeBSD 7.1 - rshd problems
    ... FreeBSD 7.1 - rshd problems ... rshd: Login incorrect. ... What do you want from rsh? ... Copyright 1992-2009 The FreeBSD Project. ...
  • rsh help
    ... I was looking at rsh on freebsd 6.0, is it really execute commands ... althouth it gets login ... rshd: Login incorrect. ...