[ advisories | exploits | discussions | news | conventions | security tools | texts & papers ]
 main menu
- feedback
- advertising
- privacy
- FightAIDS
- newsletter
- news
- read forum
- new topic
- search

- meetings list
- recent additions
- add your info
 top 100 sites
- visit top sites
- sign up now
- members

- add your url
- add domain
- search box
- link to us

- our projects
- free email
 m4d network
- security software
- secureroot
- m4d.com
Home : Advisories : DECnet-Internet Gateway Vulnerability

Title: DECnet-Internet Gateway Vulnerability
Released by: CERT
Date: 26th September 1991
Printable version: Click here

Hash: SHA1



Last Revised: September 18,1997

                Attached copyright statement


                              CERT Advisory

                              September 26, 1991

                      DECnet-Internet Gateway Vulnerability

- ---------------------------------------------------------------------------

The Computer Emergency Response Team/Coordination Center (CERT/CC) has

received information concerning a vulnerability in the configuration of

the DECnet-Internet gateway software for Digital Equipment Corporation's 

(DEC) ULTRIX versions 4.0, 4.1, and 4.2 on all Digital architectures.

Digital Equipment Corporation is aware of this problem and a resolution

for this vulnerability will be included in a future release.  Digital

and the CERT/CC strongly recommend that sites exposed to this vulnerability 

immediately institute the workaround detailed in this advisory.

- ---------------------------------------------------------------------------

I.   Description

     When installing the DECnet-Internet gateway software it is necessary to

     create a guest account on the ULTRIX gateway host.  By default, this

     account has /bin/csh as its shell.  By virtue of the guest account

     having a valid shell, the DECnet-Internet gateway software can be

     exploited to allow unauthorized root access.

II.  Impact

     Anyone using the DECnet-Internet gateway can gain unauthorized

     root privileges on the ULTRIX gateway host.

III. Solution


     This section describes a workaround for this vulnerability.

     Disable the guest account by editing the /etc/passwd file and setting

     the shell field for the guest account to /bin/false.  Also, ensure the 

     guest account has the string "NoLogin" in the password field as detailed

     in the DECnet-Internet installation manual.  

     Even if you have not installed or are not running the DECnet-

     Internet gateway software, Digital recommends that you implement the

     workaround solution stated above.

- ---------------------------------------------------------------------------

The CERT/CC wishes to thank R. Scott Butler of the Du Pont Company for 

bringing this vulnerability to our attention and for his further 

assistance with the temporary workaround.

- ---------------------------------------------------------------------------

If you believe that your system has been compromised, contact CERT/CC via

telephone or e-mail.

Computer Emergency Response Team/Coordination Center (CERT/CC)

Software Engineering Institute

Carnegie Mellon University

Pittsburgh, PA 15213-3890

Internet E-mail: cert@cert.org

Telephone: 412-268-7090 24-hour hotline:

           CERT/CC personnel answer 7:30a.m.-6:00p.m. EST/EDT,

           on call for emergencies during other hours.

Past advisories and other computer security related information are available

for anonymous ftp from the cert.org ( system.

- -------------------------------------------------------------------------

Copyright 1991 Carnegie Mellon University. Conditions for use, disclaimers,

and sponsorship information can be found in

http://www.cert.org/legal_stuff.html and http://ftp.cert.org/pub/legal_stuff .

If you do not have FTP or web access, send mail to cert@cert.org with

"copyright" in the subject line.

CERT is registered in the U.S. Patent and Trademark Office.


Revision History

September 18,1997  Attached Copyright Statement


Version: PGP for Personal Privacy 5.0

Charset: noconv





(C) 1999-2000 All rights reserved.