86 lines
3.3 KiB
Plaintext
86 lines
3.3 KiB
Plaintext
|
|
-----BEGIN PGP SIGNED MESSAGE-----
|
|
|
|
|
|
CA-91:11 CERT Advisory
|
|
August 14, 1991
|
|
ULTRIX LAT/Telnet Gateway Vulnerability
|
|
|
|
- ---------------------------------------------------------------------------
|
|
|
|
The Computer Emergency Response Team/Coordination Center (CERT/CC) has
|
|
received information concerning a vulnerability in LAT/Telnet gateway
|
|
software in Digital Equipment Corporation's (DEC) ULTRIX versions 4.1
|
|
and 4.2 on all architectures. Information regarding the exploitation
|
|
of this vulnerability has been publicly disclosed so we recommend
|
|
taking immediate action. Until you are able to apply the patch we
|
|
recommend that sites disable the LAT/telnet service.
|
|
|
|
DEC has made a patch available which consists of new /usr/ucb/telnet
|
|
binaries.
|
|
|
|
The patch is available through DEC's Customer Support Centers. Sites
|
|
within the USA should call 1-800-525-7100. Sites in Europe and elsewhere
|
|
should contact DEC through their normal channels.
|
|
|
|
- ---------------------------------------------------------------------------
|
|
|
|
I. DESCRIPTION:
|
|
|
|
A vulnerability exists such that ULTRIX 4.1 and 4.2 systems
|
|
running the LAT/Telnet gateway software can allow unauthorized
|
|
privileged access. Although you may not be running the LAT/Telnet
|
|
service at this time, the CERT/CC urges all sites to install
|
|
the patch. This will ease any future installation of the
|
|
gateway software.
|
|
|
|
The LAT/Telnet software requires special installation and is
|
|
NOT part of the default ULTRIX configuration.
|
|
|
|
II. IMPACT:
|
|
|
|
Anyone who can access a terminal or modem connected to
|
|
the LAT server running the LAT/Telnet service can gain
|
|
unauthorized root privileges.
|
|
|
|
III. SOLUTION:
|
|
|
|
Obtain the appropriate version of the patch kit for your
|
|
system architecture from your DEC Customer Support Center,
|
|
and install according to the accompanying instructions.
|
|
|
|
- ---------------------------------------------------------------------------
|
|
The CERT/CC would like to thank George Michaelson of The Prentice Centre,
|
|
University of Queensland, Australia and John Annen of Davidson College for
|
|
bringing this to our attention. We would also like to thank DEC for their
|
|
response to this vulnerability and CIAC for their assistance.
|
|
- ---------------------------------------------------------------------------
|
|
|
|
If you believe that your system has been compromised, contact CERT/CC via
|
|
telephone or e-mail.
|
|
|
|
Computer Emergency Response Team/Coordination Center (CERT/CC)
|
|
Software Engineering Institute
|
|
Carnegie Mellon University
|
|
Pittsburgh, PA 15213-3890
|
|
|
|
Internet E-mail: cert@cert.org
|
|
Telephone: 412-268-7090 24-hour hotline:
|
|
CERT/CC personnel answer 7:30a.m.-6:00p.m. EST,
|
|
on call for emergencies during other hours.
|
|
|
|
Past advisories and other computer security related information are available
|
|
for anonymous ftp from the cert.org (192.88.209.5) system.
|
|
|
|
|
|
-----BEGIN PGP SIGNATURE-----
|
|
Version: 2.6.2
|
|
|
|
iQCVAwUBMaMwtnVP+x0t4w7BAQFTbQP/fp5pScH0CbJiIbjecJih3DRzuDBtZtii
|
|
dgdemGVLvAULe0soBZ6rxgMRMBZASDKu8LdJTeCkKVknzPuGXob8cfCDZvJ3FIK7
|
|
XCuasUv246kJOEZAnSytUpYUmAkcUZSKBYgnrivJ5cs6DyoKjVI6SzS2qY05QPmV
|
|
l2rhRcHGtNY=
|
|
=igPX
|
|
-----END PGP SIGNATURE-----
|
|
|