Home page logo
/

bugtraq logo Bugtraq mailing list archives

NIS/YP hole
From: ultima () CORINNE MAC EDU (ultima () CORINNE MAC EDU)
Date: Sat, 22 Feb 1997 06:05:12 -0000


SCO OpenSERVER 5 exhibits a similar hole, the default login program doesn't prompt you for old passwd once it has 
expired. And with the many passwd-file-stealing-exploits its not hard to get the file, then analyze it to find which 
accounts have expired passwords (This data is kept in the last few characters of the password field). This is a pretty 
big hole, and jack0's post reminded me of it...



  By Date           By Thread  

Current thread:
  • NIS/YP hole ultima () CORINNE MAC EDU (Feb 22)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]