May 23, 1991, 0900 PST                                     Number B-28

	     AT&T System V Release 4 Patch for /bin/login

PROBLEM:  	/bin/login may be improperly installed in System V Release 4 
		based systems
PLATFORM:    	All systems based on System V Release 4 may be affected
DAMAGE:   	May allow unauthorized root access
SOLUTIONS:   	Modify permissions for /bin/login and/or install a patch 
		provided by the vendor

	   Critical Facts about System V Release 4 problem

CIAC has learned of a potential vulnerability in the AT&T System V
Release 4 version of the /bin/login program.  This program is used to
initially log users into the system, and if unpatched, may be used to
gain unauthorized system privileges (root).

For AT&T computer system customers, a patch is available to replace
the /bin/login program.  Contact AT&T Computer Systems at (800)
922-0354 to obtain the patch.  The patch numbers are #156 for 3.5"
media, or #157 for 5.25" media.

If this patch is not available for your system, AT&T and CIAC
recommend that the following workaround be used until a patch becomes
available from the individual vendor providing system software:

1)	Log in to the system as root and execute the command:
	chmod 500 /bin/login

The impact of this workaround is to disallow use of the login
command by non-root users (this will not affect the login sequence
normally used by the system).
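
One way to confirm that the workaround above is in place, and to re-check it after vendor updates, is sketched below. This is an added example, not part of the CIAC bulletin or any vendor patch; the function names are hypothetical, and the demonstration runs against a constructed scratch file rather than /bin/login.

```shell
#!/bin/sh
# Added example: audit a file against the mode set by `chmod 500`.
# WANT is how `ls -l` renders mode 500 on a regular file; an exact match
# also means no other mode bits are shown in the permission string.
WANT='-r-x------'

# Print the 10-character type/permission string, or fail if the file is absent.
perm_string() {
    [ -f "$1" ] || return 1
    # Some modern ls versions append '.' or '+' after the mode; keep 10 chars.
    ls -ld "$1" | cut -c1-10
}

# Print "restricted" if the mode is exactly 500, "open" if it differs,
# or "missing" if the path is not a regular file.
login_perm_state() {
    perms=$(perm_string "$1") || { echo missing; return 0; }
    if [ "$perms" = "$WANT" ]; then echo restricted; else echo open; fi
}

# Apply the bulletin's workaround and confirm that it took effect.
apply_workaround() {
    chmod 500 "$1" || return 1
    [ "$(login_perm_state "$1")" = restricted ]
}

# Constructed demonstration on a scratch file; nothing on the host changes.
demo() {
    f=$(mktemp) || return 1
    chmod 755 "$f"                 # constructed starting mode, for illustration
    before=$(login_perm_state "$f")
    apply_workaround "$f" || { rm -f "$f"; return 1; }
    after=$(login_perm_state "$f")
    rm -f "$f"
    echo "$before -> $after"
}

# On an affected system, as root:  login_perm_state /bin/login
```

Running the check from a periodic job catches a reinstall or update that silently restores the original permissions.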

For additional information or assistance, please contact CIAC:   
	Tom Longstaff
	(415) 423-4416 or (FTS) 543-4416

	During working hours call CIAC at (415) 422-8193 or 
	(FTS) 532-8193 or send e-mail to  For
	non-working hour emergencies, call (800) SKY PAGE,
	then enter 855-0070 or 855-0074.  (THIS IS A NEW EMERGENCY NUMBER!)  
	Send FAX messages to:  (415) 423-0913 or (FTS) 543-0913.

The assistance of the Computer Emergency Response Team/Coordination
Center (CERT/CC) and AT&T is gratefully acknowledged.  This document
was prepared as an account of work sponsored by an agency of the
United States Government. Neither the United States Government nor the
University of California nor any of their employees, makes any
warranty, express or implied, or assumes any legal liability or
responsibility for the accuracy, completeness, or usefulness of any
information, apparatus, product, or process disclosed, or represents
that its use would not infringe privately owned rights. Reference
herein to any specific commercial products, process, or service by
trade name, trademark, manufacturer, or otherwise, does not
necessarily constitute or imply its endorsement, recommendation or
favoring by the United States Government or the University of
California. The views and opinions of authors expressed herein do not
necessarily state or reflect those of the United States Government or
the University of California, and shall not be used for advertising or
product endorsement purposes.

