Bugtraq mailing list archives
Re: Redhat 6.0 Password Issues
From: jhigham () BIGSKY NET (Josh Higham)
Date: Fri, 10 Sep 1999 09:06:50 -0600
Gentleman; I submitted what I thought was a minor issue on Redhat's handling of passwords. Is it me? Is it something I missed? Any password you assign over 8 characters gets cut...
This is a result of UNIX crypt (I believe). Standard unix passwords only handle the first 8 characters of a password; RH6.0 allows you to install MD5 passwords, which can give you additional length, if desired.
At first I thought it was my system but its not since I tested it at home, but then at work its the same thing: ------snip------ passwd I typed it p4$sW3rd$ as my password but I was able to log in using p4$sW3rD ctrl-alt-del bash $ passwd changed it to 1234567899999 and I was able to log in using: 12345678 -----endsnip----- Does anyone else know of this? Has anyone heard of this? by the way I bcc'd this to Redhat as well. ;) -=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=- Yours Truly J. Oquendo sil () antioffline com sil () macroshaft org "Linux -- Where you really can go tommorow" ID 0x1281EC4F DH/DSS 4096/1024 CIPHER: CAST PGP Fingerprint 46C0 6A83 E6D2 FEA6 383A B9A6 44D3 4E77 1281 EC4F -----BEGIN PGP SIGNATURE----- Version: PGP Personal Privacy 6.0.2 iQA/AwUBN6d/aETTTncSgexPEQLuAgCfRF5dpZii9yEPnqZ+F+ AEbzB+KL0An3mXPk+Y8lZxkr0crgw72zPX5w71=tCpK -----END PGP SIGNATURE-----
Current thread:
- Redhat 6.0 Password Issues root3d (Sep 08)
- <Possible follow-ups>
- Re: Redhat 6.0 Password Issues Josh Higham (Sep 10)
- Re: Redhat 6.0 Password Issues Erik Parker (Sep 11)
- Re: Redhat 6.0 Password Issues Alan Brown (Sep 11)
- CGI security Kerb (Sep 12)
- Re: CGI security Ivo van der Wijk (Sep 13)
- Re: CGI security Vladimir Dubrovin (Sep 14)
- Re: CGI security Arturo Busleiman (Sep 14)
- Multiple vulnerabilities in CDE Job de Haas (Sep 13)
- Re: Multiple vulnerabilities in CDE Troy A. Bollinger (Sep 13)
- Re: Multiple vulnerabilities in CDE Dan Astoorian (Sep 14)
- Vulnerability in dtspcd Job de Haas (Sep 13)