SunOS 4.1.1 Security hole

About Merit

Services

Network

Resources & Support

Network Research

News

Events

Home

Discussion Communities: Merit Network Email List Archives

Merit Joint Technical Staff

From: Larry J. Blunk
Date: Tue Sep 10 12:03:17 1991

   There is a serious security hole in SunOS 4.1.1 (and 4.1 I think)
relating to the initial state of the /etc/hosts.equiv file.  I was able to
break into a number of Suns on MichNet because this file had not
been changed.  To fix this problem, you need to make sure that you do
not have a '+' alone on a line in the /etc/hosts.equiv file.

  Larry J. Blunk
     Merit Network, Inc.

- - - - - - - - - - - - - - - - -

Follow-Ups:
- Re: SunOS 4.1.1 Security hole Mark Knopper

Prev by Date: Alma and CMU link upgrade
Next by Date: SunOS 4.1.1 Security hole
Date Index
Thread Index
Author Index
Historical