Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:
edgeos



Bugtraq: Re: vlock vulnerability in RedHat 7.0

Re: vlock vulnerability in RedHat 7.0

From: Vladislav V. Mikhailov <solar_at_LINKEXPERT.NET>
Date: Wed, 8 Nov 2000 12:04:22 +0300

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

That does not work on RH6.x. with vlock version 1.3

Best regards,
Vladislav V. Mikhailov

>I've tried to lock all virtual consoles
>in RedHat 7.0 using vlock, which
>is delivered with this release of RedHat.
>
>If user root locks all consoles - it's no problem,
>but if normal user locks consoles then
>anybody can unlock without typing a password.
>
>Try to use it in the following way:
>
>1. logon as an ordinary user on tty1
>2. logon as root on tty2
>3. Type on tty1 vlock -a
>4. All consoles will be locked.
>5. When vlock asks for password
>press ENTER and don't release the key
>until you see message 'broken pipe'.
>6. If you see it all two consoles are unlocked.
>
>Regards,
>
>Bartlomiej Grzybicki ############################
>MORLINY SA http://www.morliny.pl
>bgrzybicki@morliny.pl http://www.bgrzybicki.morliny.pl
>mobile: +48 601 279 976 ########################
>

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBOgjs5lqnq79lp5QUEQINcQCffQ2cmn+dYtY7e1r5mcuDjrYo8F4AnAm6
V55QUGvBRkq3Qr14RXoIPT77
=SUif
-----END PGP SIGNATURE-----
Received on Nov 09 2000

[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]