[3651] in bugtraq
Re: BoS: Magic password of some linux-box(Hardware..)
daemon@ATHENA.MIT.EDU (Sergiu Popovici)
Tue Nov 19 22:51:12 1996
Date: Tue, 19 Nov 1996 17:07:23 +0200
Reply-To: Sergiu Popovici <svp@interbit.ro>
From: Sergiu Popovici <svp@interbit.ro>
X-To: Seo Euiseong <paladin@intersys.kaist.ac.kr>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <199611180333.MAA29024@intersys.kaist.ac.kr>
On Mon, 18 Nov 1996, Seo Euiseong wrote:
===>Date: Mon, 18 Nov 1996 12:33:33 +0900
===>From: Seo Euiseong <paladin@intersys.kaist.ac.kr>
===>To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
===>Subject: BoS: Magic password of some linux-box(Hardware..)
===>Resent-Date: Tue, 19 Nov 1996 10:16:38 +1100
===>Resent-From: best-of-security@suburbia.net
===>
===>In recent, there are lots of host runs Linux, FreeBSD, etc...
===>
===>Many administrarot believes that System Password that main board support is
===>
===>fully secure to prevent the console hacker from cracking in front of the system
===>
===>But, It is a very "Unsecure" thought.
===>
===>A few days ago, my friend mistyped his console password, "condo,".
===>
===>The BIOS vendor of his system was AWARD.
===>
===>Then, The BIOS accept the password like a real password and booting,
===>
===>gives the permission to set up the bios.
===>
===>I thought that it was a bug of a version of award bios.
===>
===>But, It's not true. Unfortunately almost versions of award bios has the
===>
===>magic password "condo,"
===>
===>
===>I was very afraid of the increasing of console hacking on many linux box.
===>
===>I wanna know the real fact of this magic password, and How can I disable
===>it.
===>
Try also "589589". Is the same thing.
=====================================================================
== -------- ==== sergiu@cryogen.com ==
== Sergiu Popovici == http://cryogen.interbit.ro/ ==
== --------- === http://ftp.interbit.ro/~svp ==
=====================================================================
