Bugtraq mailing list archives
Re: IRIX 6.2 passwordless accounts exploit?
From: cpbotha () SUN AC ZA (Charl Botha)
Date: Tue, 29 Sep 1998 10:27:36 +0200
On Mon, 28 Sep 1998, Dan Stromberg wrote:
We've had a lot of script kiddies running an exploit against our campus, that checks for accounts that are passwordless by default in IRIX 6.2 - like 4Dgifts, EZsetup, and so on. I've seen indications this isn't limited to our campus...
Have a look at www.nessus.org -- Nessus is a network security tool that definitely scans for these default accounts. Charl --------------------------------------------------------------------------- Charl Botha E-Mail cpbotha () sun ac za Image Processing and Pattern Recognition Digital Signal Processing Group <http://dsp.ee.sun.ac.za> Department of Electronic Engineering University of Stellenbosch South Africa
Current thread:
- ISS Security Advisory: Snork, (continued)
- ISS Security Advisory: Snork X-Force (Sep 29)
- Re: mountd- more info (sorry) John Caldwell (Sep 29)
- Re: mountd- more info (sorry) Anthony C. Zboralski (Sep 30)
- more rpc.mountd jason valentine (Sep 30)
- Netscape Cache Exploit - source code Ken Williams (Sep 29)
- Re: IRIX 6.2 passwordless accounts exploit? Kevin Hawkins (Sep 30)
- Sun Security Bulletin #00176 joshua grubman (Sep 30)
- Re: IRIX 6.2 passwordless accounts exploit? morex .- (Sep 28)
- mountd remote exploit? John Caldwell (Sep 28)
- Re: mountd remote exploit? morex .- (Sep 28)
- Re: IRIX 6.2 passwordless accounts exploit? Charl Botha (Sep 29)
- Re: IRIX 6.2 passwordless accounts exploit? Renaud Deraison (Sep 29)
- rpc.mountd exploit Hudin Lucian (Sep 29)