Bug 2577

Summary: rlogin (kcmd.c) root-level, local+remote (passive) security hole
Product: Base System Reporter: Julian Assange <proff>
Component: binAssignee: Mark Murray <markm>
Status: Closed FIXED    
Severity: Affects Only Me    
Priority: Normal    
Version: 3.0-CURRENT   
Hardware: Any   
OS: Any   
Attachments:
Description Flags
file.diff none

Description Julian Assange 1997-01-25 13:40:01 UTC 
	

	by forging dns information kcmd.c is exploitable

Fix: apply following patch; also fixes an unchecked malloc()
Comment 1 mpp freebsd_committer freebsd_triage 1997-01-26 07:01:51 UTC 
Responsible Changed
From-To: gnats-admin->freebsd-bugs

Misfiled PR.
Comment 2 Mark Murray freebsd_committer freebsd_triage 1997-01-26 07:27:29 UTC 
Responsible Changed
From-To: freebsd-bugs->markm

eBones is my turf.
Comment 3 Mark Murray freebsd_committer freebsd_triage 1997-02-09 21:34:43 UTC 
State Changed
From-To: open->closed

Suggested fix applied. Thanks!