Home page logo

bugtraq logo Bugtraq mailing list archives

Re: hpux 10.0 remote administration
From: nate () MILL2 MILLCOMM COM (nate)
Date: Mon, 15 Jul 1996 22:06:42 -0500

sam_exec is still used

Do you happen to know what password they use for sam_exec ;-)
(the concept looks dangerous, I have not had time to really
look at it. But I didn't enable it either...)

Yes. there is a default password. Im not sure if
it has been changed for 10.X, but if you run
crack on it, you will find it without a question.
At that point, anyone can pretty much log into your
machine as sam_exec and hit ctl-c to obtain a
uid 0 shell.

HP's analytical products (PA-RISC 9000 700 series workstations, in my
experience) usually running HP-UX v9.0x also are shipped with some weak
default accounts:  csadmin (pw:hp), chemist, user1 - user8.  csadmin can
basically do anything on the system..   Designed with a small, private
LAN in mind, HP seems to underestimate security on these machines.  I
would imagine that more than a few find there way onto larger networks,
however.  I just solve the problem by disabling the accounts, they are
seldom needed after non-networked configuration, if even then.

-Nate Smith <nate () millcomm com> || http://www.millcomm.com/~nate

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]