Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: password backdoors
From: szabo_p () maths su oz au (Paul Szabo)
Date: Thu, 11 May 95 12:49:25 +1000


Lyndon (formerly from Rover?) (System Admin <root () sentinet demon co uk>)
wrote:
I have an old Apollo box running Domain 10.4.1 and lost the password for
root, the only account. ... the HP service engineer said that I should have
given him a ring as they have a way to get in ! ... Can anyone enlighten me
further into how this would be done

I am sure your HP engineer was just boasting, I am sure there are no
'password backdoors' in Domain/OS. However, Domain/OS (as installed by
default) has many other security holes which allow anyone (preferably with
physical access) to do anything they like. Even though this is a full
disclosure list, I would prefer not to elaborate on how to expoit these
holes, but rather point you to a set of scripts which close most (all?) of
them:

  ftp://ftp.maths.su.oz.au/protect/scripts.tar.Z

Paul Szabo - System Manager   //        School of Mathematics and Statistics
szabo_p () maths su oz au        //   University of Sydney, NSW 2006, Australia



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault