SysV /bin/login Environment Remote Overflow (rlogin)

Critical Nessus Plugin ID 10828

Synopsis

It is possible to execute arbitrary code on the remote host.

Description

The remote /bin/login seems to crash when it receives too many environment variables. This is likely due to a buffer overflow vulnerability which might allow an attacker to execute arbitrary code on the remote host.

Solution

Apply the patch from your vendor (or read the CERT advisory).

Plugin Details

Severity: Critical

ID: 10828

File Name: binlogin_overflow_rlogin.nasl

Version: 1.35

Type: remote

Published: 2001/12/15

Updated: 2018/06/27

Dependencies: 17975

Configuration: Enable paranoid mode

Risk Information

Risk Factor: Critical

CVSS v2.0

Base Score: 10

Temporal Score: 8.7

Vector: CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C

Temporal Vector: CVSS2#E:H/RL:OF/RC:C

Vulnerability Information

Required KB Items: Settings/ParanoidReport

Exploit Available: true

Exploit Ease: Exploits are available

Vulnerability Publication Date: 2001/12/12

Exploitable With

CANVAS (CANVAS)

Metasploit (Solaris in.telnetd TTYPROMPT Buffer Overflow)

Reference Information

CVE: CVE-2001-0797

BID: 3681

CERT-CC: CA-2001-34