Path: utzoo!utgpu!jarvis.csri.toronto.edu!mailrus!tut.cis.ohio-state.edu!ucbvax!decwrl!purdue!haven!decuac!felix!info-ultrix From: wswietse@eutrc3.UUCP (Wietse Venema) Newsgroups: comp.unix.ultrix Subject: Re: VERY Dangerous Hole ... Message-ID: <85760@felix.UUCP> Date: 6 Mar 89 17:49:22 GMT References: <81555@felix.UUCP> Sender: info-ultrix@felix.UUCP Reply-To: wswietse@eutrc3.UUCP (Wietse Venema) Organization: Tech. Univ. Eindhoven, NL Lines: 42 Approved: zemon@felix.UUCP Reply-Path: Reply-to: wswietse@eutrc3.UUCP (Wietse Venema) In article <81555@felix.UUCP> slouder@note.nsf.gov (Steve Loudermilk) writes: |Reply-to: slouder@note.nsf.gov (Steve Loudermilk) | |Hi, | |On 22 Dec 88, a notice was posted on this bulletin board by a |Mr. Ning Zhang in Germany announcing he had discovered a "very |dangerous security hole in UNIX". He said he had drafted a report |on it. | |I was of the opinion that much more would be forthcoming if there |really was such a problem. Nothing else has been posted concerning |this. And I have seen nothing on other BBs which are linked to this |message. I was ready to write it off as a false alarm. However, other's |in my office, and rightly so, have urged me to "close the loop" and |find out for sure. | |Is there really a big problem? Is it the same as ftp, finger, |or sendmail problems which have been handled so well by others in the |internet community? | |Excuse me if I have missed something here, but I believe such an |announcement deserves a followup explanation. | |Thanks, | |---------------------------------------------------------------------- |Steve Loudermilk Internet: slouder@note.nsf.gov |Integrated Microcomputer Systems Inc. Phonenet: (202) 357-9648 |---------------------------------------------------------------------- The problem is real and has been found on several BSD-like UNIX versions (Ultrix, Alliant, Sun). It occurs when the finger field of a passwd file entry becomes longer than the internal buffers used by programs such as chsh(1). -- uucp: wswietse@eutrc3.UUCP | Eindhoven University of Technology bitnet: wswietse@heithe5.BITNET | Dept. of Mathematics and Computing Science surf: tuerc5::wswietse | Eindhoven, The Netherlands.