[2920] in bugtraq
Re: hpux 10.0 remote administration
daemon@ATHENA.MIT.EDU (Matthew G. Harrigan)
Mon Jul 15 16:25:20 1996
Date: Mon, 15 Jul 1996 12:40:24 -0700
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
From: "Matthew G. Harrigan" <mharrigan@cisco.com>
X-To: Eero Pajarre <eero@vlsi.fi>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
At 10:16 PM 7/15/96 +0300, you wrote:
>sam_exec is still used
>Do you happen to know what password they use for sam_exec ;-)
>(the concept looks dangerous, I have not had time to really
>look at it. But I didn't enable it either...)
Yes. there is a default password. Im not sure if
it has been changed for 10.X, but if you run
crack on it, you will find it without a question.
At that point, anyone can pretty much log into your
machine as sam_exec and hit ctl-c to obtain a
uid 0 shell.
Matt
Matthew G. Harrigan |cisco Systems
Internet Systems Engineer |mharrigan@cisco.com
-------------------------------|408-527-3852 (x63582)
"640K ought to be enough for |Email Pager:
anybody. " - Bill Gates, 1981 |mharrigan@airnote.net
