[10810] in bugtraq
Re: vulnerability in su/PAM in redhat
daemon@ATHENA.MIT.EDU (Javi Polo)
Sat Jun 12 17:20:46 1999
X-Envelope-To: <javipolo@infomail.lacaixa.es>
Message-Id: <Pine.LNX.4.05.9906111236510.886-100000@oioio.dhis.org>
Date: Fri, 11 Jun 1999 12:38:02 +0000
Reply-To: javipolo@infomail.lacaixa.es
From: Javi Polo <javipolo@INFOMAIL.LACAIXA.ES>
X-To: Tani Hosokawa <unknown@RIVERSTYX.NET>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.LNX.4.10.9906091403070.27189-100000@avarice.riverstyx.net>
On Wed, 9 Jun 1999, Tani Hosokawa wrote:
> with redhat has a slight hole. When you try to su to root (for example) if
> it's successful, immediately gives you a shell prompt. Otherwise, it
> delays a full second, then logs an authentication failure to syslog. If
> you hit break in that second, no error, plus you know that the password
> was bad, so you can brute force root's password. I wrote a little
Checked ....
Confirmed for su that comes with
sh-utils-1.16-14
and using
pam-0.64-3
See you later ...... Oh my God! They killed Kenny!!!!!!
Javi Polo ;)
You can find me on Fido at 2:347/13.4, me too 3000ya.com
NO MOTORWAY!!!!!!!!!!! No to the Llevant motorway
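
One way to close the window described in the quoted report, given here as an added example that is not part of the original message and is not sh-utils or Linux-PAM code: write the failure record before the delay, and keep the break signals blocked until the delay has been served. `fail_with_delay`, `audit_failure` and the `send_break` hook are hypothetical names, and the `fprintf` call stands in for a syslog call.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <signal.h>
#include <stdio.h>
#include <time.h>

/* All names here are hypothetical; none of this is sh-utils or Linux-PAM code. */
static int log_count;                    /* counts audit records written */
static volatile sig_atomic_t got_sigint; /* set once SIGINT is finally delivered */

static void on_sigint(int sig) { (void)sig; got_sigint = 1; }

static void audit_failure(const char *user) {
    /* A real program would call syslog(LOG_AUTH | LOG_NOTICE, ...) here. */
    fprintf(stderr, "authentication failure for %s\n", user);
    log_count++;
}

/* Write the audit record first, then serve the delay with keyboard signals
 * blocked, so a break can neither skip the record nor cut the wait short.
 * Returns the time spent in the delay, in milliseconds. */
long fail_with_delay(const char *user, long delay_ms, int send_break) {
    sigset_t block, old;
    struct timespec t0, t1;
    struct timespec ts = { .tv_sec = delay_ms / 1000,
                           .tv_nsec = (delay_ms % 1000) * 1000000L };
    sigemptyset(&block);
    sigaddset(&block, SIGINT);
    sigaddset(&block, SIGQUIT);
    sigaddset(&block, SIGTSTP);
    sigprocmask(SIG_BLOCK, &block, &old);

    audit_failure(user);                  /* log before the delay, not after it */
    clock_gettime(CLOCK_MONOTONIC, &t0);
    if (send_break)
        raise(SIGINT);                    /* constructed stand-in for the break key */
    while (nanosleep(&ts, &ts) == -1 && errno == EINTR)
        ;                                 /* resume if an unblocked signal interrupts */
    clock_gettime(CLOCK_MONOTONIC, &t1);
    sigprocmask(SIG_SETMASK, &old, NULL); /* the pending SIGINT is delivered here */
    return (t1.tv_sec - t0.tv_sec) * 1000L + (t1.tv_nsec - t0.tv_nsec) / 1000000L;
}

int main(void) {
    signal(SIGINT, on_sigint);            /* demo only: observe the deferred signal */
    long ms = fail_with_delay("root", 1000, 1);
    printf("delay=%ldms logged=%d sigint_after=%d\n", ms, log_count, (int)got_sigint);
    return 0;
}
```

With the default SIGINT disposition the process would still terminate once the mask is restored, but only after the record exists and the full delay has elapsed.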