[8078] in bugtraq


Re: IRIX 6.2 passwordless accounts exploit?

daemon@ATHENA.MIT.EDU (Renaud Deraison)
Tue Sep 29 16:01:27 1998

Date: 	Tue, 29 Sep 1998 20:58:16 +0200
Reply-To: Renaud Deraison <deraison@WORLDNET.FR>
From: Renaud Deraison <deraison@WORLDNET.FR>
X-To:         Charl Botha <cpbotha@SUN.AC.ZA>,
              Dan Stromberg <strombrg@NIS.ACS.UCI.EDU>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To:  <Pine.LNX.3.96.980929102654.7883C-100000@angst.dsp.sun.ac.za>

On 29-Sep-98 Charl Botha wrote:
> On Mon, 28 Sep 1998, Dan Stromberg wrote:
>> We've had a lot of script kiddies running an exploit against our campus,
>> that checks for accounts that are passwordless by default in IRIX 6.2 -
>> like 4Dgifts, EZsetup, and so on.  I've seen indications this isn't
>> limited to our campus...
>
> Have a look at www.nessus.org -- Nessus is a network security tool that
> definitely scans for these default accounts.

Well, in fact there is a bug in the current version which will
boost your adrenaline for nothing: some accounts are said to
be passwordless, whereas they are not.
I suggest that you use the work-in-progress version instead,
(available at http://www.nessus.org/wip/) which corrects this
problem and adds several new checks (there are now 109 plugins in
Nessus).


                        -- Renaud

--
Renaud Deraison <deraison@worldnet.fr>
The Nessus Project -- http://www.nessus.org
                      http://www.{fr,fi,jp}.nessus.org
