Bugtraq mailing list archives

Re: IRIX 6.2 passwordless accounts exploit?

From: deraison () WORLDNET FR (Renaud Deraison)
Date: Tue, 29 Sep 1998 20:58:16 +0200


On 29-Sep-98 Charl Botha wrote:

On Mon, 28 Sep 1998, Dan Stromberg wrote:

We've had a lot of script kiddies running an exploit against our campus,
that checks for accounts that are passwordless by default in IRIX 6.2 -
like 4Dgifts, EZsetup, and so on.  I've seen indications this isn't
limited to our campus...


Have a look at www.nessus.org -- Nessus is a network security tool that
definitely scans for these default accounts.


Well, in fact there is a bug in the current version which will
boost your adrenaline for nothing : some accounts are said to
be passwordless, whereas they are not.
I suggest that you use the work-in-progress version instead,
(available at http://www.nessus.org/wip/) which corrects this
problem and adds several new checks (there are now 109 plugins in
Nessus).


                        -- Renaud

--
Renaud Deraison <deraison () worldnet fr>
The Nessus Project -- http://www.nessus.org
                      http://www.{fr,fi,jp}.nessus.org

Current thread:

Re: mountd- more info (sorry), (continued)
- - - Re: mountd- more info (sorry) John Caldwell (Sep 29)
    - Re: mountd- more info (sorry) Anthony C. Zboralski (Sep 30)
    - more rpc.mountd jason valentine (Sep 30)
    - Netscape Cache Exploit - source code Ken Williams (Sep 29)
    - Re: IRIX 6.2 passwordless accounts exploit? Kevin Hawkins (Sep 30)
    - Sun Security Bulletin #00176 joshua grubman (Sep 30)
    - Re: IRIX 6.2 passwordless accounts exploit? morex .- (Sep 28)
    - mountd remote exploit? John Caldwell (Sep 28)
    - Re: mountd remote exploit? morex .- (Sep 28)
    - Re: IRIX 6.2 passwordless accounts exploit? Charl Botha (Sep 29)
    - Re: IRIX 6.2 passwordless accounts exploit? Renaud Deraison (Sep 29)
    - rpc.mountd exploit Hudin Lucian (Sep 29)