COMMAND
rlogin
SYSTEMS AFFECTED
SunOS 5.5.1, 5.5.1_x86, 5.5, 5.5_x86, 5.4, 5.4_x86, 5.3, 4.1.4,
4.1.3_U1
PROBLEM
The rlogin program establishes a remote login session. Due to
insufficient bounds checking on arguments supplied to rlogin, it
is possible to overwrite the internal data space of the rlogin
program. As rlogin is setuid root, this vulnerability may be
exploited to gain root access.
SOLUTION
The vulnerability is fixed in Solaris 2.6. The vulnerability in
rlogin is fixed by the following patches:
OS version        Patch ID
__________        ________
SunOS 5.5.1       104650-02
SunOS 5.5.1_x86   104651-02
SunOS 5.5         104669-02
SunOS 5.5_x86     104670-02
SunOS 5.4         105254-01
SunOS 5.4_x86     105255-01
SunOS 5.3         105253-01
SunOS 4.1.4       105260-01
SunOS 4.1.3_U1    105259-01
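
An added example, not part of the original advisory: a shell check that reads a patch listing in the "Patch: <id>" form printed by showrev -p and reports whether the rlogin patch from the table above is present at the listed revision or later. The function names are hypothetical; it assumes a POSIX shell with awk (for instance an admin host processing saved listings) and that a higher revision of the same patch ID still contains the fix.

```shell
#!/bin/sh
# Added example: audit a patch listing against this advisory's table.

# Map the advisory's OS label to the patch that fixes rlogin.
required_patch() {
    case "$1" in
        "SunOS 5.5.1")     echo 104650-02 ;;
        "SunOS 5.5.1_x86") echo 104651-02 ;;
        "SunOS 5.5")       echo 104669-02 ;;
        "SunOS 5.5_x86")   echo 104670-02 ;;
        "SunOS 5.4")       echo 105254-01 ;;
        "SunOS 5.4_x86")   echo 105255-01 ;;
        "SunOS 5.3")       echo 105253-01 ;;
        "SunOS 4.1.4")     echo 105260-01 ;;
        "SunOS 4.1.3_U1")  echo 105259-01 ;;
        *) return 1 ;;   # OS label not covered by the advisory
    esac
}

# Usage: showrev -p | rlogin_patch_status "SunOS 5.5.1"
# Reads lines of the form "Patch: <base>-<rev> ..." on stdin.
# Prints PATCHED/MISSING plus the required ID, or UNKNOWN_OS.
# Exit status: 0 patched, 1 missing, 2 OS label not in the table.
rlogin_patch_status() {
    need=$(required_patch "$1") || { echo UNKNOWN_OS; return 2; }
    awk -v need="$need" '
        BEGIN { split(need, n, "-") }
        $1 == "Patch:" {
            split($2, p, "-")
            # Same base ID and revision at or above the required one.
            if (p[1] == n[1] && p[2] + 0 >= n[2] + 0) found = 1
        }
        END {
            if (found) print "PATCHED " need
            else       print "MISSING " need
            exit !found
        }
    '
}
```

A MISSING result on a host that still ships a setuid root rlogin means the fix from the table has not been applied to that host.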