On Thu, Aug 19, 1999 at 11:55:49AM -0500, Dave Plonka wrote:
> On Wed, Aug 18, 1999 at 12:26:20PM +0200, Jochen Bauer wrote:
> > On Wed, 26 Nov 1997 Eric Augustus (augustusat_private) posted a message
> > on BUGTRAQ about the fact that the default Xaccess file allows XDMCP
> > connections from any host. As you know, this can be used to get a
> > login screen on any host and therefore get around access control
> > mechanisms like tcpwrapper and root login restriction to the console.
> >
> > However, this warning seemed to have little effect as (at least)
> > Digital Unix 4.0E, SuSE Linux 6.1 and Red Hat Linux 6.0 are still
> > (1.5 years later) shipped with this default Xaccess file.
> <snip>
> and with CDE on our Solaris 2.6 machines as well. (I haven't checked
> CDE under 2.7 yet.)

To be fair, it should be noted that the CDE dtlogin that ships with Solaris
(at least >= 2.6, I haven't checked earlier versions) does _not_ suffer from
this vulnerability. While it is true that by default anyone is allowed to log
in remotely, for remote root login dtlogin checks /etc/default/login, just
like /bin/login does. Try it. Dtlogin will not let you in.

Michael Herrmann
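The two settings the thread turns on (a bare `*` entry in Xaccess handing out XDMCP login windows to any host, and whether /etc/default/login carries a CONSOLE= line that dtlogin and /bin/login honor for root) can be checked with a small audit script. The script below is an added example and not code from any poster or vendor; the sample Xaccess and login files are constructed inline and modelled on stock defaults, and the real paths on a host (for example /usr/dt/config/Xaccess or /etc/X11/xdm/Xaccess, and /etc/default/login) are an assumption to be substituted by the reader.

```shell
#!/bin/sh
# Added example (not from the thread): audit XDMCP access and root-login policy.
# Sample files are constructed below; on a real host pass the actual paths
# (e.g. /usr/dt/config/Xaccess or /etc/X11/xdm/Xaccess, and /etc/default/login).

# Return 0 if the Xaccess file grants XDMCP login windows to any host, i.e. it
# has an uncommented entry whose host pattern is a bare "*".
xaccess_allows_any_host() {
    # drop comments, skip blank lines, keep the first field (the host pattern)
    sed 's/#.*//' "$1" | awk 'NF { print $1 }' | grep -qx '\*'
}

# Return 0 if the login defaults file restricts root to the console, i.e. an
# uncommented CONSOLE= line is present (the check dtlogin and /bin/login apply).
login_restricts_root_to_console() {
    grep -q '^CONSOLE=' "$1"
}

# Print one verdict per file. Usage: audit_host XACCESS_FILE LOGIN_DEFAULTS_FILE
audit_host() {
    if xaccess_allows_any_host "$1"; then
        echo "WARN: $1 grants XDMCP login windows to any host"
    else
        echo "ok:   $1 has no bare '*' entry"
    fi
    if login_restricts_root_to_console "$2"; then
        echo "ok:   $2 restricts root login to the console"
    else
        echo "WARN: $2 sets no CONSOLE=; remote root login through dtlogin is possible"
    fi
}

# --- constructed sample inputs (modelled on stock defaults, not copied from a vendor) ---
tmpdir=$(mktemp -d)
trap 'rm -rf "$tmpdir"' EXIT

cat > "$tmpdir/Xaccess.default" <<'EOF'
# Xaccess - XDMCP access control
*                        # any host can get a login window
*       CHOOSER BROADCAST   # any indirect host can get a chooser
EOF

cat > "$tmpdir/Xaccess.hardened" <<'EOF'
# only hosts in the lab domain may request a login window (assumed domain)
*.lab.example.org
EOF

cat > "$tmpdir/login.restricted" <<'EOF'
# If CONSOLE is set, root can only log in on that device.
CONSOLE=/dev/console
PASSREQ=YES
EOF

cat > "$tmpdir/login.open" <<'EOF'
# CONSOLE=/dev/console
PASSREQ=YES
EOF

audit_host "$tmpdir/Xaccess.default"  "$tmpdir/login.open"
audit_host "$tmpdir/Xaccess.hardened" "$tmpdir/login.restricted"
```

The Xaccess check deliberately looks only at the first field after comment stripping, so a hostname pattern such as `*.lab.example.org` or a `CHOOSER` line is not mistaken for the catch-all entry; the login check is the same test dtlogin performs when it consults /etc/default/login, reduced to its presence.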
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:58:39 PDT