Date: Wed, 22 Jan 1997 15:50:33 -0800 (PST) From: Jason Wells <sysadmin@s5-25-199.student.washington.edu> To: FreeBSD-gnats-submit@freebsd.org Subject: bin/2560: login accepts bad passwd and logs user in Message-ID: <199701222350.PAA00509@s5-25-199.student.washington.edu> Resent-Message-ID: <199701230000.QAA08050@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
>Number: 2560 >Category: bin >Synopsis: login accepts bad passwd and logs user in >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed Jan 22 16:00:01 PST 1997 >Last-Modified: >Originator: Jason Wells >Organization: highperformance.net >Release: FreeBSD 2.1.5-STABLE i386 >Environment: >Description: Login accepts password that is known to be bad. If the user accidentally adds characters to the end of a correct password login does not reject the login. If your password was 'password' and you entered 'passwordxx' login willaccept the password. >How-To-Repeat: >Fix: >Audit-Trail: >Unformatted:
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199701222350.PAA00509>