Bugtraq mailing list archives

Re: nidump on OS X

From: "Martin" <ma () placid tv>
Date: Tue, 17 Sep 2002 17:27:27 +0200 (CEST)

I cannot reproduce this on my 10.2 system.   It does give you the crypted
password ofcurrent user but not the root user.  However this does not prevent you
from using'sudo' so in way way you still get root.

/M

Basically any normal user can get a dump of the passwd file and attempt
 brute force attacks on the encrypted passwds, it includes the root
passwd.

Current thread:

nidump on OS X Dale Harris (Sep 17)
- Re: nidump on OS X Jason A. Fager (Sep 18)
  - Re: nidump on OS X Blake Watters (Sep 19)
- Re: nidump on OS X Bryan Blackburn (Sep 18)
- Re: nidump on OS X Martin (Sep 18)
- Re: nidump on OS X John C. Welch (Sep 18)