Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: virus????????
Top Forums UNIX for Dummies Questions & Answers virus???????? Post 23785 by Perderabo on Friday 28th of June 2002 11:12:31 PM
Old 06-29-2002
Unix is not as secure as you folks seem to think. A somewhat recent example was the rlogin bug. rlogin is a program that can be executed by any user. However it is suid to root so it assumes root power as it runs. Until recently it loaded the contents of the TERM environment variable into an automatic array without checking to see if it fit. By cleverly setting your TERM variable to a long binary string, a user could deposit machine language code on the stack and then clobber the frame pointer so that the next return statement executed that code. All of this was done with effective uid set to root. And it didn't take the root password or anything like that. The bug was fixed in the late 90's. And HP-UX and SunOS now have kernel options to prohibit executing code on the stack. But I would not bet the rent that there are no more defective suid programs around.
 

9 More Discussions You Might Find Interesting

1. Cybersecurity

do i have a virus???

nice board, makes interesting reading! glad to know im not the only one to have problems!! :D :D last week, our database started to crash (run on unix / solaris) for no apparant reason. the problem seems to be intermiant which lead us to believe it may be a hardware problem causing the... (2 Replies)
Discussion started by: mdma
2 Replies

2. UNIX for Dummies Questions & Answers

Virus !!!!!!!!!!!!!!!!!!!

can linux get a virus on the boot sec from windows? becuse my buddys computer micro trend cmos virus keeps telling him that there is a boot sec virus on my hdd is that possable or is the box being dumb and looking at the linux boot as a virus? it was set up as a windows box not a linux... (4 Replies)
Discussion started by: amicrawler2000
4 Replies

3. UNIX for Dummies Questions & Answers

virus detection

IS there virus software for unix? I worked in a Solaris environment and dont remember having anything. I also ask because the current enviroment i am working on is Microsoft and they argue that they do not use unix because of virus detection. Any input would be greatly appreciated. (1 Reply)
Discussion started by: pbonilla
1 Replies

4. UNIX for Dummies Questions & Answers

Worm Virus

I am running Unix SCO and have discovered the worm virus. It is enabled through a BIOS connections, I am able to get around it using telnet, believe it or not. - Can anyone recommend a virus scan software? - Has anyone successfully used a virus scan software on unix without a problem? ... (2 Replies)
Discussion started by: ana_cr32
2 Replies

5. UNIX for Dummies Questions & Answers

Virus Software

I'm trying to find out what kind of virus software UNIX has, if any. Please let me know and please inform me of the prefered types. Thanks (1 Reply)
Discussion started by: GlockCW
1 Replies

6. UNIX for Dummies Questions & Answers

unix and virus

why one normally hears tht virus has stuck windows and one does not hear that unix has been stuck by virus...wht make unix so powerfull tht virus does not stuck it. (9 Replies)
Discussion started by: taurian1234
9 Replies

7. Windows & DOS: Issues & Discussions

virus help:

:confused: folder option is dissapiaring in tool menu iam formatting c drive after removal of this virus & also regedit is also not opening the messerge say's administrater disabled with out formattiung how ican solve this problem i.e iwant to get folder options& regedit (2 Replies)
Discussion started by: seshumohan
2 Replies

8. UNIX Desktop Questions & Answers

Virus and Malware

How do i manage virus and melware in Unix ? (2 Replies)
Discussion started by: Suriano10
2 Replies

9. Windows & DOS: Issues & Discussions

Windows XP keeps getting virus

Hi All, My old laptop has Windows XP. I reinstalled only last month and installed AVG free anti-virus. It's like every month, I get some kind of spyware or virus issue. which anti-virus software you guys using? Thanks. (8 Replies)
Discussion started by: samnyc
8 Replies

LEARN ABOUT BSD

rlogin

RLOGIN(1C)																RLOGIN(1C)

NAME

       rlogin - remote login

SYNOPSIS

       rlogin rhost [ -ec ] [ -8 ] [ -L ] [ -l username ]
       rhost [ -ec ] [ -8 ] [ -L ] [ -l username ]

DESCRIPTION

       Rlogin connects your terminal on the current local host system lhost to the remote host system rhost.

       Each  host  has	a  file /etc/hosts.equiv which contains a list of rhost's with which it shares account names.  (The host names must be the
       standard names as described in rsh(1C).)  When you rlogin as the same user on an equivalent host, you don't need to give a password.   Each
       user may also have a private equivalence list in a file .rhosts in his login directory.	Each line in this file should contain an rhost and
       a username separated by a space, giving additional cases where logins without passwords are to be permitted.  If the  originating  user	is
       not  equivalent	to  the  remote  user, then a login and password will be prompted for on the remote machine as in login(1).  To avoid some
       security problems, the .rhosts file must be owned by either the remote user or root.

       The remote terminal type is the same as your local terminal type (as given in your environment TERM variable).  The terminal or window size
       is  also copied to the remote system if the server supports the option, and changes in size are reflected as well.  All echoing takes place
       at the remote site, so that (except for delays) the rlogin is transparent.  Flow control via ^S and ^Q and flushing of input and output	on
       interrupts  are	handled  properly.   The  optional argument -8 allows an eight-bit input data path at all times; otherwise parity bits are
       stripped except when the remote side's stop and start characters are other than ^S/^Q.  The argument -L allows the rlogin session to be run
       in  litout  mode.   A  line  of the form ``~.'' disconnects from the remote host, where ``~'' is the escape character.  Similarly, the line
       ``~^Z'' (where ^Z, control-Z, is the suspend character) will suspend the rlogin session.  Substitution  of  the	delayed-suspend  character
       (normally  ^Y)  for  the  suspend character suspends the send portion of the rlogin, but allows output from the remote system.  A different
       escape character may be specified by the -e option.  There is no space separating this option flag and the argument character.

SEE ALSO

       rsh(1C)

FILES

       /usr/hosts/*	   for rhost version of the command

BUGS

       More of the environment should be propagated.

4.2 Berkeley Distribution					   May 12, 1986 							RLOGIN(1C)
All times are GMT -4. The time now is 12:59 PM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy