Bugtraq mailing list archives

HPUX rexecd bug on trusted system


From: kksocha () ERENJ COM (Kevin K. Sochacki)
Date: Fri, 5 Dec 1997 17:28:18 -0500



Hi,

I have discovered a bug in rexecd on systems running HPUX 10.20 that have
been converted to trusted systems.

Problem:
On unsuccessful login attempts via rexec/rexecd the bad login counter
(u_numunsuclog) is updated as it should, however on any successful login
the bad login counter does not get cleared.  So if users inadvertently
mistype their password even once between successful logins they will
eventually be locked out.  Lockouts should only occur when consecutive
unsuccessful logins exceed the allowed bad logins.

Note:
For those of you who have converted to a trusted system and have not
applied patch PHNE_12161, you are vulnerable to a brute force attack of
guessing passwords via rexec. Patch PHNE_12161 fixes a problem of not
updating the bad login counter (u_numunsuclog), which circumvents the
lockout feature of unsuccessful user logins.

This problem has been reported to HP and is currently being addressed.

--
(...Later..:)
:)**************************(: Exxon Research & Engineering
(:    _/_/_/ _/_/     _/_/_/:) Kevin K. Sochacki
:)   _/     _/  _/   _/     (: ICS CC124 (908) 730-2911
(:  _/_/_/ _/ _/  & _/_/_/  :) mailto:kksocha () erenj com
:) _/     _/_/     _/       (:   PERSONAL
(:_/_/_/ _/  _/   _/_/_/    :) mailto:kks () superlink net
:)**************************(: http://mars.superlink.net/kks
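
The counter behaviour reported in the message above, modelled as an added example (not part of the original post and not HP's code). Only the field name u_numunsuclog comes from the post; the struct, the function names, the limit of 3 and the login histories are constructed for illustration.

```c
#include <stdio.h>

/* Constructed model of a per-user lockout record. */
struct user_rec {
    int u_numunsuclog;   /* bad login counter (name taken from the post) */
    int max_tries;       /* allowed bad logins (assumed policy value) */
    int locked;
};

/* Apply one login result.
   reset_on_success = 0 models the reported rexecd behaviour,
   reset_on_success = 1 models the expected behaviour. */
static void record_login(struct user_rec *u, int ok, int reset_on_success)
{
    if (u->locked)
        return;
    if (ok) {
        if (reset_on_success)
            u->u_numunsuclog = 0;
        return;
    }
    if (++u->u_numunsuclog > u->max_tries)
        u->locked = 1;
}

/* Replay a history string ('S' = success, 'F' = failure) and return the
   1-based attempt at which the account locks, or 0 if it never locks. */
int lockout_attempt(const char *history, int max_tries, int reset_on_success)
{
    struct user_rec u = { 0, max_tries, 0 };
    for (size_t i = 0; history[i] != '\0'; i++) {
        record_login(&u, history[i] == 'S', reset_on_success);
        if (u.locked)
            return (int)i + 1;
    }
    return 0;
}

int main(void)
{
    /* Constructed: single typos between successful logins, never two in a row. */
    const char *typos = "SSFSSSFSSFSSSFS";
    /* Constructed: four consecutive failures. */
    const char *consecutive = "SFFFFS";
    printf("typos, no reset:         %d\n", lockout_attempt(typos, 3, 0));
    printf("typos, reset on success: %d\n", lockout_attempt(typos, 3, 1));
    printf("consecutive, reset:      %d\n", lockout_attempt(consecutive, 3, 1));
    return 0;
}
```

Without the reset, the legitimate user in the first history is locked out by isolated typos, while the consecutive-failure lockout works the same in both modes.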


