RLOGIN: RLOGIN Long Argument Overflow
This signature detects RLOGIN sessions with overly long arguments. Attackers can exploit a RLOGIN vulnerability by overflowing the RLOGIN argument buffer to gain control of a target host.
Extended Description
The 'login' program is used in UNIX systems to authenticate users with a username and password. The utility is typically invoked at the console, by 'telnetd', 'rlogind', and if configured to do so, SSH. Versions of 'login' descended from System V UNIX contain a buffer overflow when handling environment variables. Several operating systems such as Solaris/SunOS, HP-UX, AIX, IRIX, and Unixware contain vulnerable versions of 'login'. Unauthenticated clients can exploit this issue to execute arbitrary code as root. On systems where 'login' is installed setuid root, local attackers can elevate privileges.
Affected Products
Cisco pgw2200_pstn_gateway,Sco open_server
References
BugTraq: 3681
CVE: CVE-2001-0797
URL: http://downloads.securityfocus.com/vulnerabilities/exploits/raptor_rlogin.c
Short Name
RLOGIN:OVERFLOW:LONG-ARGS
Severity
Critical
Recommended
False
Recommended Action
Drop
Category
RLOGIN
Keywords
Argument CVE-2001-0797 Long Overflow RLOGIN bid:3681
Release Date
12/30/2004
Supported Platforms
srx-branch-12.3
srx-19.3
srx-branch-19.3
vsrx3bsd-19.2
srx-branch-19.4
vsrx-19.4
mx-12.3
mx-19.4
vmx-19.4
mx-19.3
vsrx3bsd-19.4
srx-19.4
vsrx-12.3
vmx-19.3
vsrx-19.2
srx-12.3
Sigpack Version
3336
False Positive
Unknown
Vendors
Sco
Cisco
Ibm
Sun
Hp
Sgi
CVSS Score
10.0