Experts have warned that a buffer overflow flaw exists in the Unix login program, which authenticates access to the system by user names and passwords.
Because the login program is also used by two programs that are accessible remotely - telnet and rlogin (remote login) - the flaw can be exploited even by those who do not have direct access to the system, said experts at Internet Security Systems (ISS) and the Computer Emergency Response Team/Co-ordination Centre (CERT/CC).
Systems are only vulnerable if telnet, rlogin and other terminal connection services that use login for authentication are enabled, which they usually are by default, according to ISS.
Attackers can exploit the vulnerability to gain superuser privileges or root access to the server - the highest privilege level on Unix systems. This would allow the attacker to execute arbitrary commands.
A software tool, or exploit, to compromise systems running the affected operating systems has been made public, said ISS.
ISS and CERT/CC advise system administrators to install Secure Shell (SSH), a secure alternative to telnet and rlogin, and disable default terminal connection services until the software can be patched. Sun and IBM have released software fixes, said CERT/CC.
Sun's Solaris 8 and earlier versions, and IBM's AIX versions 4.3 and 5.1, are affected. Other systems derived from the same code base, Unix System V, could also be vulnerable, according to CERT/CC. Hewlett-Packard told CERT/CC that its HP-UX cannot be exploited.
The ISS security advisory: xforce.iss.net/alerts/advise105.php
The CERT/CC advisory: www.cert.org/advisories/CA-2001-34.html