[2964] in bugtraq
HPUX sam_exec
daemon@ATHENA.MIT.EDU (bogus technician)
Thu Jul 18 20:36:01 1996
Date: Thu, 18 Jul 1996 17:50:45 +0000
Reply-To: Bugtraq List <BUGTRAQ@netspace.org>
From: bogus technician <bogus@command.com.inter.net>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@netspace.org>
The sam_exec password is "x7vpa5jh".
I sniffed the thing, and it doesn't look like the password is used at all
during any of the transactions -- a .rhosts file gets installed in the
sam_exec home dir, and r* methods are used. The password does exist in
the clear, though, in the same place it's always been. strings through
the shared library and it'll be right after the word 'None'; 9.x you'll
see 'None' and then 'Yosemite' on the next line, 10.x you'll see 'None'
and then 'x7vpa5jh' on the next line. (The remote access shared library
is at /usr/sam/lib/ra/ra.sl, and it looks to be world readable by default.)
Moo
