[3609] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Possible SunOS 5.5.1 sulogin vulnerability

daemon@ATHENA.MIT.EDU (Jason R. Mastaler)
Fri Nov 15 18:05:55 1996

Date: 	Wed, 13 Nov 1996 20:37:01 -0500
Reply-To: "Jason R. Mastaler" <jason@mastaler.com>
From: "Jason R. Mastaler" <jason@mastaler.com>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>

Possible hole in sulogin here?  Under Solaris 2.5.1 (sparc & x86),
executing /sbin/sulogin from an unprivileged user account dumps you
into what appears to be single-user mode with an ugly warning message
without prompting for the root password.  You don't find this with
earlier versions of Solaris (2.5 and lower).

________________________________________________________________

sol251% /sbin/sulogin

*** NO ENTRY FOR root IN PASSWORD FILE! ***

Entering System Maintenance Mode

$

________________________________________________________________

sol25% /sbin/sulogin

Type Ctrl-d to proceed with normal startup,
(or give root password for system maintenance):

________________________________________________________________


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[3609] in bugtraq

Possible SunOS 5.5.1 sulogin vulnerability

daemon@ATHENA.MIT.EDU (Jason R. Mastaler)Fri Nov 15 18:05:55 1996

daemon@ATHENA.MIT.EDU (Jason R. Mastaler)
Fri Nov 15 18:05:55 1996