COMMAND

    rlogind

SYSTEMS AFFECTED

    Linux

PROBLEM

    rlogind uses the  enviromental variable TERM,  but does not  check
    the bounds of the array it goes into. Thus, an overflow the  stack
    and rewrite the stack  exploit can used to  gain root access.   If
    you run  (more or  less) any  disturbution of  Linux and  have not
    upgraded to or past Netkit 8, then you are in trouble.

SOLUTION

    Disable rlogind  in /etc/inetd.conf  and then  restart inetd (kill
    -HUP <  PID of  inetd> )  and then  download the latest Netkit;
    configure, compile and install.