Bugtraq mailing list archives

Re: piranha default password/exploit


From: cdi () THEWEBMASTERS NET (CDI)
Date: Tue, 25 Apr 2000 18:36:52 -0700


On Mon, 24 Apr 2000, Max Vision wrote:

> The first problem is the default account and password that protect the web
> directory containing the administrative php3 scripts.

This is, I think, the crux of the problem.  "Default passwords" are, by
definition, not passwords. They are crutches used by lazy developers and
are all too often left unchanged by even more lazy administrators.

OK, so they've fixed the poorly thought out system call that led to
this compromise, but I'd suggest a change to the RPM spec file for the
next build. Something like this should work? (Philip?) - force them to set
a password during the installation process...

----------<snip>----------
--- piranha.spec.in.orig        Mon Apr 24 00:35:34 2000
+++ piranha.spec.in     Tue Apr 25 18:12:55 2000
@@ -115,6 +115,7 @@

 %post gui
 chown nobody /home/httpd/html/piranha/secure/passwords
+htpasswd /home/httpd/html/piranha/secure/passwords piranha

 %changelog
 * Sat Apr 23 2000 Philip Copeland <copeland () redhat com>
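Review bot: the added `htpasswd /home/httpd/html/piranha/secure/passwords piranha` line prompts interactively for a password, but `%post` scriptlets often run with no controlling tty (kickstart, scripted `rpm -Uvh`, package managers driving rpm through a pipe), where the prompt fails or hangs and the default `piranha` entry survives untouched, which is exactly the condition this patch is meant to remove. A non-interactive alternative would be to delete or blank the default entry in `%post` so the GUI stays locked until the administrator runs `htpasswd` by hand, and to print a notice saying so. Also worth raising in the same scriptlet: the preceding `chown nobody` hands the credential file to the web server's unprivileged user, so the server itself can rewrite it; whatever replaces the default account should not depend on that file being trustworthy.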

----------<snip>----------

CDI
____________________________________
The Web Master's Net
http://www.thewebmasters.net/
Today's Excuse:
Sysadmin accidentally destroyed pager with a large hammer.

