Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Security hole in some Unix login program

Security hole in some Unix login program

From: Gilles PARC <gparc_at_online.fr>
Date: Mon, 07 Jan 2002 15:54:34 -0800
Message-ID: <F001.003E909F.20020107153524@fatcity.com> 






Hi listers,



in case like me it escaped your attention last December,
there is a security alert concerning a flaw in  /bin/login on some
Unix  / Linux variants permitting an intruder to gain root access.



At least AIX and SOLARIS are concerned but check carefully
with your OS vendor and patch accordingly.
( for Aix 4.3  fix is APAR IY26443 )



Here are some references :


http://www.cert.org/advisories/CA-2001-34.html
http://xforce.iss.net/static/7284.php
http://www.securityfocus.com/archive/1/246487





For once NT fellows, you are safe...



HTH


Regards






Gilles Parc



carpe diem !!


-- 



Please see the official ORACLE-L FAQ: http://www.orafaq.com


-- 



Author: Gilles PARC


  INET: gparc_at_online.fr


Fat City Network Services    -- (858) 538-5051  FAX: (858) 538-5051
San Diego, California        -- Public Internet access / Mailing Lists
--------------------------------------------------------------------


To REMOVE yourself from this mailing list, send an E-Mail message
to: ListGuru_at_fatcity.com (note EXACT spelling of 'ListGuru') and in
the message BODY, include a line containing: UNSUB ORACLE-L
(or the name of mailing list you want to be removed from).  You may
also send the HELP command for other information (like subscribing).
Received on Mon Jan 07 2002 - 17:54:34 CST












Original text of this message













  HOME |
  ASK QUESTION |
  ADD INFO |
  SEARCH |
  E-MAIL US