Buffer Overflow in rlogin Program

HIGH (10.0) No Patch (10538 days)

Threat Intelligence

⚠️ CRITICAL GAP - Exploits exist but no detection available
EPSS Score: 2.83% chance of exploitation (percentile: 86%)
🔍 Detection Tools: None available in major open-source tools
⚔️ Exploit Availability: Exploit-DB

What is it?

The rlogin program is a remote login tool for Unix-like systems. It allows users to remotely access and manage their system. The vulnerability is a buffer overflow triggered through the TERM environment variable, which allows an attacker to execute arbitrary commands on the system.

Am I affected?

Specific version info not stated in the advisory. If you don't recognise this software, you're probably not affected.

Affected Products

Not specified (vintage BSD system) / rlogin

How to fix

There is no public patch link available for this vulnerability. However, immediate mitigations can be applied:
- Disable the rlogin service (if it's running) to prevent exploitation.
- Remove any outdated or unused versions of the rlogin program from your system.
- Consider replacing the rlogin program with a more secure alternative like SSH.
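
One way to check the first mitigation, shown as an added example that is not part of the advisory: the script audits an inetd-style configuration for an active rlogin entry and produces a copy with it commented out. It assumes the classic `inetd.conf` format, where the rlogin daemon is registered under the service name `login` (513/tcp); the function names and the sample configuration are constructed for illustration.

```shell
#!/bin/sh
# Added example: audit an inetd-style configuration for an enabled rlogin service.
# Assumption: classic inetd.conf layout, where rlogind is registered under the
# service name "login" (513/tcp in /etc/services). Function names are hypothetical.

# Print every active (uncommented) entry that starts the rlogin daemon.
# A commented entry has "#login" or "#" as its first field and is skipped.
rlogin_inetd_entries() {
    awk '$1 == "login" && $2 == "stream"' "$1"
}

# Count the active rlogin entries in the given file.
count_rlogin_entries() {
    rlogin_inetd_entries "$1" | wc -l | tr -d ' '
}

# Emit the configuration with active rlogin entries commented out.
# All other lines, including existing comments, pass through unchanged.
disable_rlogin_inetd() {
    awk '$1 == "login" && $2 == "stream" { print "#" $0; next } { print }' "$1"
}

# Constructed sample configuration (not taken from any real host).
sample_inetd_conf() {
    cat <<'EOF'
# constructed sample inetd.conf
ftp     stream  tcp  nowait  root  /usr/sbin/in.ftpd     in.ftpd
login   stream  tcp  nowait  root  /usr/sbin/in.rlogind  in.rlogind
#shell  stream  tcp  nowait  root  /usr/sbin/in.rshd     in.rshd
EOF
}

conf=$(mktemp)
sample_inetd_conf > "$conf"
echo "active rlogin entries before: $(count_rlogin_entries "$conf")"

# Write the edited copy next to the original so the change can be reviewed first.
disable_rlogin_inetd "$conf" > "$conf.new"
echo "active rlogin entries after:  $(count_rlogin_entries "$conf.new")"
rm -f "$conf" "$conf.new"
```

On a real host, review the edited copy before installing it, then have inetd reload its configuration so the change takes effect.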