Bugtraq mailing list archives
Re: piranha default password/exploit
From: gafton () REDHAT COM (Cristian Gafton)
Date: Tue, 25 Apr 2000 18:13:19 -0400
On Mon, 24 Apr 2000, Max Vision wrote:
> The first problem is the default account and password that protect the web directory containing the administrative php3 scripts. This is what ISS called a "backdoor" - which is actually a default password. (If ISS found something other than what I found, please email me...)
I can't speak for ISS, but as the one that handled this errata release from Red Hat's side I can say that they did not discover anything else.

I am still trying to figure out how they settled on this "backdoor" term; on the other hand it is hard for me to argue that any other term that applies to this vulnerability does not draw the press crowd and get the attention that "backdoor" does. It would be fine if they had used this term in order to alert everybody and get more attention from the system administrators rather than the press at large; but again, making it sound like Red Hat intended to screw everybody on purpose gets more hits on the web pages.

This is not a backdoor (or the ISS people are being extremely creative with what a backdoor is). If you deploy a service on the Internet without paying any attention to the written documentation (which tells you to change the password), then pretty much you're setting yourself up for this.

At any rate, a backdoor and a default password are NOT the same thing and it is a pity to see ISS employing creativity for stretching definitions like this.

Cristian

--
----------------------------------------------------------------------
Cristian Gafton -- gafton () redhat com -- Red Hat, Inc.
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
"How could this be a problem in a country where we have Intel and Microsoft?" --Al Gore on Y2K
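The thread turns on a password-protected web directory whose credential was never changed from the documented default. The practical defender's check is an audit of the credential file against the list of defaults the documentation names. The script below is an added example written for this archive page; it is not Piranha's code or Red Hat's, and it assumes an Apache-style htpasswd file using the `{SHA}` scheme (`htpasswd -s`). The default credentials and the sample file are constructed placeholders, not the real Piranha values, which this page does not give.

```python
import base64
import hashlib
import hmac
from typing import Dict, List, Tuple

# Constructed placeholders standing in for the defaults a package's
# documentation tells you to change. Not the real Piranha credentials.
DEFAULT_CREDENTIALS: List[Tuple[str, str]] = [
    ("piranha", "EXAMPLE-DEFAULT-PASSWORD"),
    ("admin", "EXAMPLE-ADMIN-PASSWORD"),
]


def sha_htpasswd(password: str) -> str:
    """Encode a password the way 'htpasswd -s' does: '{SHA}' + base64(SHA-1)."""
    digest = hashlib.sha1(password.encode("utf-8")).digest()
    return "{SHA}" + base64.b64encode(digest).decode("ascii")


def parse_htpasswd(text: str) -> Dict[str, str]:
    """Parse 'user:stored-hash' lines; blank lines and '#' comments are skipped."""
    entries: Dict[str, str] = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if ":" not in line:
            raise ValueError(f"malformed htpasswd line: {raw!r}")
        user, stored = line.split(":", 1)
        entries[user] = stored
    return entries


def audit_defaults(text: str,
                   defaults: List[Tuple[str, str]] = DEFAULT_CREDENTIALS
                   ) -> Tuple[List[str], List[str]]:
    """Return (flagged, unchecked).

    flagged:   accounts whose stored hash still matches a documented default,
               whatever the account is named (defaults get copied between accounts).
    unchecked: accounts in a hash scheme this example does not verify
               (e.g. $apr1$), so the auditor knows they were not cleared.
    """
    flagged: List[str] = []
    unchecked: List[str] = []
    for user, stored in parse_htpasswd(text).items():
        if not stored.startswith("{SHA}"):
            unchecked.append(user)
            continue
        for _default_user, default_pw in defaults:
            # Compare encoded strings in constant time; the file is local,
            # but the habit costs nothing.
            if hmac.compare_digest(stored, sha_htpasswd(default_pw)):
                flagged.append(user)
                break
    return sorted(flagged), sorted(unchecked)


# Constructed sample file: one account left on a placeholder default, one
# with a locally chosen password, one in a scheme this example skips.
SAMPLE_HTPASSWD = "\n".join([
    "# constructed sample, not a real Piranha configuration",
    "piranha:" + sha_htpasswd("EXAMPLE-DEFAULT-PASSWORD"),
    "opsadmin:" + sha_htpasswd("correct horse battery staple"),
    "legacy:$apr1$notchecked$abcdefghijklmnopqrstuv",
])


if __name__ == "__main__":
    flagged, unchecked = audit_defaults(SAMPLE_HTPASSWD)
    print("still on a default password:", flagged)
    print("not verified (unsupported scheme):", unchecked)
```

Run against the real file (typically the one named in the web server's `AuthUserFile` directive) by reading it and passing the text to `audit_defaults`; any account in the flagged list should be treated the same way the advisory treats this one, regardless of whether the term used is "backdoor" or "default password".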