Bugtraq mailing list archives
HPUX rexecd bug on trusted system
From: kksocha () ERENJ COM (Kevin K. Sochacki)
Date: Fri, 5 Dec 1997 17:28:18 -0500
Hi,

I have discovered a bug in rexecd on systems running HPUX 10.20 that have been converted to trusted systems.

Problem: On unsuccessful login attempts via rexec/rexecd the bad login counter (u_numunsuclog) is updated as it should; however, on any successful login the bad login counter does not get cleared. So if users inadvertently mistype their password even once between successful logins they will eventually be locked out. Lockouts should only occur when consecutive unsuccessful logins exceed the allowed bad logins.

Note: For those of you who have converted to a trusted system and have not applied patch PHNE_12161, you are vulnerable to a brute force attack of guessing passwords via rexec. Patch PHNE_12161 fixes a problem of not updating the bad login counter (u_numunsuclog), which circumvents the lockout feature of unsuccessful user logins.

This problem has been reported to HP and is currently being addressed.

--
(...Later..:)
Kevin K. Sochacki
Exxon Research & Engineering, ICS CC124, (908) 730-2911
mailto:kksocha () erenj com
PERSONAL: mailto:kks () superlink net
http://mars.superlink.net/kks
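The counter behaviour described in the message above, modelled as an added example that is not part of the original post and is not HP's rexecd code. Only `u_numunsuclog` comes from the post; `max_tries`, the policy names, `attempt` and `first_lockout` are hypothetical, and the login sequences are constructed.

```c
#include <stdio.h>
/* Counter policies described in the post (a model, not HP's rexecd code). */
enum policy {
    NEVER_COUNT,     /* without PHNE_12161: failures are not recorded   */
    COUNT_NO_RESET,  /* reported bug: counted, never cleared on success */
    COUNT_AND_RESET  /* expected: a successful login clears the counter */
};
struct account {
    int u_numunsuclog; /* bad login counter, name taken from the post  */
    int max_tries;     /* hypothetical name for the allowed bad logins */
};

/* Apply one attempt (ok = 1 for a correct password); returns 1 if accepted. */
static int attempt(struct account *a, enum policy p, int ok)
{
    if (a->u_numunsuclog > a->max_tries)
        return 0;                          /* locked: reject everything */
    if (!ok) {
        if (p != NEVER_COUNT)
            a->u_numunsuclog++;
        return 0;
    }
    if (p == COUNT_AND_RESET)
        a->u_numunsuclog = 0;
    return 1;
}

/* Replay outcomes ('F' = bad password, 'S' = good password). Returns the
 * 1-based position of the first good password rejected by lockout, else 0. */
int first_lockout(enum policy p, int max_tries, const char *seq)
{
    struct account a = { 0, max_tries };
    for (int i = 0; seq[i] != '\0'; i++) {
        int ok = (seq[i] == 'S');
        if (!attempt(&a, p, ok) && ok)
            return i + 1;
    }
    return 0;
}

int main(void)
{
    const char *typos = "FSFSFSFSFS";   /* constructed: one typo between logins */
    const char *guess = "FFFFFFFFFS";   /* constructed: nine wrong, then right  */
    for (int p = NEVER_COUNT; p <= COUNT_AND_RESET; p++)
        printf("policy %d: typos %d, guessing %d\n", p,
               first_lockout(p, 3, typos), first_lockout(p, 3, guess));
    return 0;
}
```

With three allowed bad logins, the typo sequence is locked out at its eighth attempt only under the no-reset policy, while the guessing sequence is stopped under both counting policies and never under the uncounted one.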
Current thread:
- HPUX rexecd bug on trusted system Kevin K. Sochacki (Dec 05)
- <Possible follow-ups>
- Re: HPUX rexecd bug on trusted system Security Alert (Dec 05)
- Re: HPUX rexecd bug on trusted system Kevin K. Sochacki (Dec 08)
- Re: HPUX rexecd bug on trusted system Security Alert (Dec 09)