Look what John Pritchard said on Jun 2, 8:50am:
>
> The dop problem is definitely an issue. We had a couple kids find the hack
on
> bugtraq and were able to exploit it. Hopefully we will be able to prevent
> the problem by not allowing telnet, shadowing the password file (C2
security),
> and chmod'ing the /usr/sbin/dop to 0.
FYI, patch OSF410-400006 (for 4.0B, not sure what the patch ID is for other
revisions) fixes the problem.
jonathan
--
+++ Jonathan Rozes, Unix Systems Administrator, Tufts University
++ jrozes_at_tcs.tufts.edu, http://rozes.tcs.tufts.edu/
+ Remember, there's a difference between kneeling down and
bending over --FZ
Received on Mon Jun 02 1997 - 16:26:53 NZST