CVE-2001-0797

Published: 12/12/2001 Updated: 30/10/2018
CVSS v2 Base Score: 10 | Impact Score: 10 | Exploitability Score: 10
VMScore: 1000
Vector: AV:N/AC:L/Au:N/C:C/I:C/A:C

Vulnerability Summary

Buffer overflow in login in various System V based operating systems allows remote malicious users to execute arbitrary commands via a large number of arguments through services such as telnet and rlogin.

Vulnerable Product

sgi irix 3.2

sgi irix 3.3.2

sgi irix 3.3.3

sgi irix 3.3

sgi irix 3.3.1

hp hp-ux 10.01

hp hp-ux 10.10

ibm aix 4.3.1

ibm aix 4.3.2

sco openserver 5.0.5

sco openserver 5.0.6

sun solaris 2.4

sun sunos 5.5

sun sunos 5.7

sun solaris 7.0

hp hp-ux 11.0.4

hp hp-ux 11.00

sco openserver 5.0

sco openserver 5.0.1

sun sunos 5.1

sun sunos 5.2

sun solaris 2.5.1

sun solaris 2.5

hp hp-ux 10.00

hp hp-ux 11.11

ibm aix 4.3

sco openserver 5.0.2

sco openserver 5.0.3

sco openserver 5.0.4

sun sunos 5.3

sun sunos 5.4

sun solaris 2.6

sun sunos -

hp hp-ux 10.20

hp hp-ux 10.24

ibm aix 4.3.3

ibm aix 5.1

sco openserver 5.0.6a

sun sunos 5.0

sun sunos 5.5.1

sun sunos 5.8

sun solaris 8.0

Vendor Advisories

This advisory describes a vulnerability that affects Cisco products and applications that are installed on the Solaris operating system, and is based on the vulnerability of a common service within the Solaris operating system, not due to a defect of the Cisco product or application. A vulnerability in the "/bin/login" program was discover ...

Exploits

Remote root exploit for rlogin on Solaris/SPARC 2.5.1/2.6/7/8. This remote root exploit uses the (old) System V based /bin/login vulnerability via the rlogin attack vector, returning into the bss section to effectively bypass the non-executable stack protection (noexec_user_stack=1 in /etc/system) ...
/* * 7350963 - /bin/login remote root exploit SPARC/x86 * * TESO CONFIDENTIAL - SOURCE MATERIALS * * This is unpublished proprietary source code of TESO Security * * (C) COPYRIGHT TESO Security, 2001 * All Rights Reserved * * bug found by scut 2001/12/20 * thanks to halvar,scut,typo,random,edi,xdr * special thanks to securityis * * ...
/* * $Id: raptor_rlogin.c,v 1.1 2004/12/04 14:44:38 raptor Exp $ * * raptor_rlogin.c - (r)login, Solaris/SPARC 2.5.1/2.6/7/8 * Copyright (c) 2004 Marco Ivaldi <raptor@0xdeadbeef.info> * * Buffer overflow in login in various System V based operating systems * allows remote attackers to execute arbitrary commands via a large number * ...
## # $Id: ttyprompt.rb 9583 2010-06-22 19:11:05Z todb $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and terms of use. # metasploit.com/framework/ ## require 'msf/core' class Metas ...
## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and terms of use. # metasploit.com/framework/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote include Msf::Exploit::Remot ...
## # $Id$ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and terms of use. # metasploit.com/framework/ ## require 'msf/core' class Metasploit3 < Msf::Exploit::Remote include Ms ...
## # $Id: manyargs.rb 9669 2010-07-03 03:13:45Z jduck $ ## ## # This file is part of the Metasploit Framework and may be subject to # redistribution and commercial restrictions. Please see the Metasploit # Framework web site for more information on licensing and terms of use. # metasploit.com/framework/ ## require 'msf/core' class Metaspl ...
source: www.securityfocus.com/bid/3681/info The 'login' program is used in UNIX systems to authenticate users with a username and password. The utility is typically invoked at the console, by 'telnetd', 'rlogind', and if configured to do so, SSH. Versions of 'login' descended from System V UNIX contain a buffer overflow when handling envir ...
Solaris TTYPROMPT Security Vulnerability (Telnet). This vulnerability is very simple to exploit, since it does not require any code to be compiled by an attacker. The vulnerability only requires the attacker to simply define the environment variable TTYPROMPT to a 6-character string, inside telnet. Jonathan believes this overflows an integer in ...

Github Repositories

Kernel Hardening; Protect Linux User Accounts against Brute Force Attacks; Improve Entropy Collection; Strong Linux User Account Separation; Enhances Misc Security Settings - https://www.kicksecure.com/wiki/Security-misc

Enhances miscellaneous security settings. Kernel hardening: This section is inspired by the Kernel Self Protection Project (KSPP). It implements all recommended Linux kernel settings by the KSPP and many more. kernsec.org/wiki/index.php/Kernel_Self_Protection_Project sysctl: sysctl settings are configured via the /etc/sysctl.d/30_security-misc.conf configuration file.
