Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Ubuntu 11.10 now unsecure by default
From: Dave <mrx () propergander org uk>
Date: Thu, 17 Nov 2011 16:28:41 +0000

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 16/11/2011 19:23, Olivier wrote:
Hi list,

Backdoors in ubuntu are now called features :

https://answers.launchpad.net/ubuntu/+source/lightdm/+question/175756

Unfortunately remote SSH connection are not allowed, I suggest guest account to be silently add in /etc/shadow for 
12.04. It could be the 
best Ubuntu April fool ever.

Maybe calibre could also be installed by default, for a root shell out of the box.



Hi,

What is the password for this guest account?
Is the password random generated?

Is remote access of any kind enabled by default for this guest account?

In what way is the guest account different from any of the half dozen or so other accounts(with the obvious exception 
of access rights)
created during a default Ubuntu install?

How insecure is it really?

I am not an Ubuntu expert so these are genuine questions, I am far to busy to research this at this time so I ask these 
questions in the hope
than an Ubuntu Guru comes forth and either allays all my/your/our fears(if they exist) or scares me/us into action.

regards
Dave
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.2 (MingW32)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQEVAwUBTsU2ObIvn8UFHWSmAQIejggApAFANEVXN7ShqSPN8397EoYZaIOqF7W3
UxGdf1pKq6BxvFUmpmzQEy+ocwyBy/GqCupGFfqcTIRFYLg6uXlXRxNHoZB6eNqw
cpiOi1f2x08GAs7QIy+L7St/I6BUoUi7hx7WXMFJUVu/mp297IiJjLT7Tp489v3X
nv99DTWwkRx9DpYxf1MUruQKhR85aoWylDyPVUzwSRDiqMS4hQMDbQqBM0kzK89L
UmqVYgO+4zWuSKAqY5oBBy0fBPgOHGLvrpNxvfgAYAIMAGD6pAt/nQxAS0s8Rukc
rrJw3HRtXIPlq1tsWGZ2gdt8oaakk4sAvYXq8D2kH7aOeZflF2DrNg==
=vNit
-----END PGP SIGNATURE-----

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]
AlienVault