Date: Wed, 23 Apr 1997 13:49:19 -0700 From: Pedro Giffuni <pgiffuni@fps.biblos.unal.edu.co> To: security@freebsd.org Subject: Possible security hole in 2.2 Release. Message-ID: <335E75CF.705E@fps.biblos.unal.edu.co>
next in thread | raw e-mail | index | archive | help
Howdy, One of my users reported rlogin didn't ask for a password when he tried to log from a remote box in another faculty. I haven't had the time to check this out (I am sick and in home). The problem was only detected from one Solaris box that doesn't has it's hostname correctly configured. The .rhosts files are from the standard distribution and include a line, "+ +" that may be causing the problem. I closed r* services on this box until I have a chance to check this thoroughly. Pedro.
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?335E75CF.705E>