Bugtraq mailing list archives
Re: hpux 10.0 remote administration
From: Matt_Barrie () oti com (Matt Barrie SYD)
Date: Tue, 16 Jul 1996 00:02:21 -0600
Hmmm. I have a hpux (10.01) box here. I took a brief look at it and a) can't see where the default (or any password) is used, nor b) see where sam_exec is used. Is sam_exec an executable or a system call? The documentation mentions a few things have been completely revised in 10.x re remote clusters etc, so if you could tell me precisely to look for these problems, I'll tell you if theyre still around matt ----------
sam_exec is still usedDo you happen to know what password they use for sam_exec ;-) (the concept looks dangerous, I have not had time to really look at it. But I didn't enable it either...)Yes. there is a default password. Im not sure if it has been changed for 10.X, but if you run crack on it, you will find it without a question.
Where is this encrypted password stored?
At that point, anyone can pretty much log into your machine as sam_exec and hit ctl-c to obtain a uid 0 shell.
Current thread:
- Re: hpux 10.0 remote administration Matthew G. Harrigan (Jul 15)
- Re: hpux 10.0 remote administration nate (Jul 15)
- <Possible follow-ups>
- Re: hpux 10.0 remote administration Matt Barrie SYD (Jul 15)
- Re: hpux 10.0 remote administration Matthew G. Harrigan (Jul 16)