Bugtraq mailing list archives
Re: nidump on OS X
From: "Martin" <ma () placid tv>
Date: Tue, 17 Sep 2002 17:27:27 +0200 (CEST)
I cannot reproduce this on my 10.2 system. It does give you the crypted password ofcurrent user but not the root user. However this does not prevent you from using'sudo' so in way way you still get root. /M
Basically any normal user can get a dump of the passwd file and attempt brute force attacks on the encrypted passwds, it includes the root passwd.
Current thread:
- nidump on OS X Dale Harris (Sep 17)
- Re: nidump on OS X Jason A. Fager (Sep 18)
- Re: nidump on OS X Blake Watters (Sep 19)
- Re: nidump on OS X Bryan Blackburn (Sep 18)
- Re: nidump on OS X Martin (Sep 18)
- Re: nidump on OS X John C. Welch (Sep 18)
- Re: nidump on OS X Jason A. Fager (Sep 18)