Bugtraq mailing list archives
Re: RH 6.0 shadow passwords and locking users bug
From: shuman () ANNEXGRP ORG (Shuman)
Date: Thu, 2 Sep 1999 05:24:02 +0600
On Mon, 30 Aug 1999, Prince Ctrl wrote: [ When administering a Red Hat 6.0 server and locking users with the [ 'passwd -l <user>' command, and then unlocking a user with the 'passwd [ -u <user>' command, a control character is added to the end of a [ users' encrypted password in the form of a "^Q" in the shadowed passwd [ file. The "usermod" program, a part of shadow-utils that comes with RedHat 6.0 has a similar feature and does NOT has this "^Q" problem when unlocking. To lock an account: usermod -L username To unlock an account: usermod -U username [ OS affected/tested: Red Hat 6.0 Too bad, I just upgraded the last RH 5.2 box to 6.0 today! --- M S Anam <shuman () annexgrp org> Annex Group, Bangladesh We hack to learn! Those who can't write, write manuals.
Current thread:
- RH 6.0 shadow passwords and locking users bug Prince Ctrl (Aug 30)
- Re: RH 6.0 shadow passwords and locking users bug Shuman (Sep 01)
- Re: RH 6.0 shadow passwords and locking users bug Walter Klomp (Sep 04)
- SECURITY: RHSA-1999:033 Buffer overflow problem in the inews program Cristian Gafton (Sep 01)
- Re: RH 6.0 shadow passwords and locking users bug bandregg () REDHAT COM (Sep 02)
- <Possible follow-ups>
- Re: RH 6.0 shadow passwords and locking users bug Alex Alvarez (Sep 06)
- Re: RH 6.0 shadow passwords and locking users bug Prince Ctrl (Sep 09)
- Re: RH 6.0 shadow passwords and locking users bug Shuman (Sep 01)