Home page logo
/

bugtraq logo Bugtraq mailing list archives

Re: password backdoors
From: kimminau () Mail Coast NET (Eric Kimminau)
Date: Thu, 11 May 1995 20:21:51 -0400 (EDT)


I am sure your HP engineer was just boasting, I am sure there are no
'password backdoors' in Domain/OS. However, Domain/OS (as installed by
default) has many other security holes which allow anyone (preferably with
physical access) to do anything they like. Even though this is a full
disclosure list, I would prefer not to elaborate on how to expoit these
holes, but rather point you to a set of scripts which close most (all?) of
them:

Its very possible to boot an HPUX box as root if you have physical access 
to the machine, power off, power on, let fsck begin, power off, power on. 
Single user fsck root shell.

=============================================================================
 ////    Eric Kimminau  eric () dosgod mi org   Dos God at Large. Linux v1.2.x
 c-OO    '' Take thee this thing covered with that stuff and give it unto that
    \       guy, that he may do things with it. ** "Romis glorius", sed Caesar



  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]