Date:      Wed, 10 Oct 2001 12:05:36 -0700 (PDT)
From:      David Ljung Madison <freebsd.org@daveola.com>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   misc/31204: FreeBSD login will display secure log notices before password is given
Message-ID:  <200110101905.f9AJ5aO33641@freefall.freebsd.org>


>Number:         31204
>Category:       misc
>Synopsis:       FreeBSD login will display secure log notices before password is given
>Confidential:   no
>Severity:       serious
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Wed Oct 10 12:10:01 PDT 2001
>Closed-Date:
>Last-Modified:
>Originator:     David Ljung Madison
>Release:        4.4
>Organization:
MarginalHacks.com
>Environment:
FreeBSD ***.com 4.4-RELEASE FreeBSD 4.4-RELEASE #0: Tue Sep 18 11:57:08 PDT 2001
murray@builder.FreeBSD.org:/usr/src/sys/compile/GENERIC  i386
>Description:
First of all, I should point out that I don't actually run FreeBSD as
my unix flavor; I was working on a friend's machine.

If you try to log in as root, you can see security warnings that only
root should see before you ever enter your password. An obvious exploit
would be to log in to the machine, enter "root" at the login prompt,
then sit back and watch the security messages, which could be very
useful to an attacker to learn about what kind of security the system
has implemented.
>How-To-Repeat:
Make a bad attempt to log in to some account (use the wrong password).  Then
try to log in as root - you will see the "bad login" message after you enter
the "login:" prompt but before you type a password.
>Fix:
Dunno - don't have a FreeBSD system.  Presumably the login exec is doing a
setuid before it actually verifies the password?
>Release-Note:
>Audit-Trail:
>Unformatted:
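The ordering flaw the report describes, as an added illustration that is not FreeBSD's login(1) source and not the submitter's code: a constructed C model of a login prompt that prints secure-log notices as soon as "root" is typed, beside the corrected order that prints nothing derived from root-only data until the password has been verified. The account name, the password, the log lines and every function name below are invented for the example.

```c
/*
 * Constructed model of the pre-authentication disclosure described in
 * PR misc/31204. This is NOT FreeBSD's login(1); the user table, the
 * password and the "secure log" lines are all invented for illustration.
 */
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Constructed sample account. A real login compares crypt(3) hashes;
 * a plain string compare is enough to show the ordering problem. */
static const char *DEMO_USER = "root";
static const char *DEMO_PASS = "hunter2";

/* Constructed stand-ins for notices only root should ever see. */
static const char *SECURE_NOTICES[] = {
    "Oct 10 11:58:01 host login: 2 LOGIN FAILURES ON ttyv0, bob",
    "Oct 10 12:01:14 host login: ROOT LOGIN REFUSED ON ttyv1",
};
#define NNOTICES (sizeof SECURE_NOTICES / sizeof SECURE_NOTICES[0])

/* Bounded append of s to the captured "terminal" buffer out. */
static void append(char *out, size_t outlen, const char *s)
{
    size_t used = strlen(out);
    if (used + 1 < outlen)
        strncat(out, s, outlen - used - 1);
}

/* Write every secure-log notice to the terminal. */
static void show_secure_notices(char *out, size_t outlen)
{
    for (size_t i = 0; i < NNOTICES; i++) {
        append(out, outlen, SECURE_NOTICES[i]);
        append(out, outlen, "\n");
    }
}

static int password_ok(const char *user, const char *pass)
{
    return strcmp(user, DEMO_USER) == 0 && strcmp(pass, DEMO_PASS) == 0;
}

/* Flawed order, as reported: once the name "root" is entered, the notices
 * are printed, and only then is the password checked. Returns 1 on a
 * successful login, 0 otherwise; out receives everything shown on screen. */
int login_vulnerable(const char *user, const char *pass, char *out, size_t outlen)
{
    out[0] = '\0';
    if (strcmp(user, "root") == 0)
        show_secure_notices(out, outlen);   /* leak: before authentication */
    if (!password_ok(user, pass)) {
        append(out, outlen, "Login incorrect\n");
        return 0;
    }
    append(out, outlen, "Welcome\n");
    return 1;
}

/* Corrected order: the password is verified first; root-only notices are
 * emitted only on the authenticated path. */
int login_fixed(const char *user, const char *pass, char *out, size_t outlen)
{
    out[0] = '\0';
    if (!password_ok(user, pass)) {
        append(out, outlen, "Login incorrect\n");
        return 0;
    }
    show_secure_notices(out, outlen);       /* only after authentication */
    append(out, outlen, "Welcome\n");
    return 1;
}

/* 1 if any secure-log notice reached the terminal output, else 0. */
int leaks_notices(const char *out)
{
    for (size_t i = 0; i < NNOTICES; i++)
        if (strstr(out, SECURE_NOTICES[i]) != NULL)
            return 1;
    return 0;
}

/* Run one attempt against either variant and report whether notices
 * were shown. Lets a caller check the outcome without a terminal. */
int notices_shown(int use_fixed, const char *user, const char *pass)
{
    char buf[1024];
    if (use_fixed)
        login_fixed(user, pass, buf, sizeof buf);
    else
        login_vulnerable(user, pass, buf, sizeof buf);
    return leaks_notices(buf);
}

int main(void)
{
    printf("vulnerable, root, wrong password -> notices shown: %d\n",
           notices_shown(0, "root", "wrong"));
    printf("fixed, root, wrong password      -> notices shown: %d\n",
           notices_shown(1, "root", "wrong"));
    printf("fixed, root, right password      -> notices shown: %d\n",
           notices_shown(1, "root", "hunter2"));
    return 0;
}
```

The point of the two variants is the placement of a single call: anything read from a file or log that only the target account may see belongs after password verification, on the same code path that would grant the session, never in the prompt-handling code that runs for an unauthenticated caller.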

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200110101905.f9AJ5aO33641>