Date:              Fri, 10 Feb 1995 15:21:47 
From: (Sean McGee)
Subject:        Security Hole ?????
Message-ID:  <>

The following is a transcript of a telnet session on my 2.0R host:
I logged in as a user with absolutely no rights whatsoever, with an 
account that has an expired password under 'chpass'.

><< Opened connection to >>
>  FreeBSD ( (ttyp0)
>login: skpearso
>Sorry -- your password has expired.
>Changing local password for root.
>New password:
>Retype new password:
>passwd: rebuilding the database...
>passwd: done
>Last login: Fri Feb 10 13:10:40 from h004
>Copyright (c) 1980, 1983, 1986, 1988, 1990, 1991, 1993, 1994
>        The Regents of the University of California.   All rights reserved.
>login: /bin/csh: Permission denied
><< Connection closed by other end. >>

As you can see, I was able to change root's password as a user with no 
rights when my account password had expired. 

Is this a hole or am I missing something???

