Bugtraq mailing list archives
Re: password backdoors
From: kimminau () Mail Coast NET (Eric Kimminau)
Date: Thu, 11 May 1995 20:21:51 -0400 (EDT)
I am sure your HP engineer was just boasting, I am sure there are no 'password backdoors' in Domain/OS. However, Domain/OS (as installed by default) has many other security holes which allow anyone (preferably with physical access) to do anything they like. Even though this is a full disclosure list, I would prefer not to elaborate on how to expoit these holes, but rather point you to a set of scripts which close most (all?) of them:
Its very possible to boot an HPUX box as root if you have physical access
to the machine, power off, power on, let fsck begin, power off, power on.
Single user fsck root shell.
=============================================================================
//// Eric Kimminau eric () dosgod mi org Dos God at Large. Linux v1.2.x
c-OO '' Take thee this thing covered with that stuff and give it unto that
\ guy, that he may do things with it. ** "Romis glorius", sed Caesar
Current thread:
- Re: password backdoors Dave Mischler (May 10)
- <Possible follow-ups>
- Re: password backdoors Paul Szabo (May 10)
- Re: password backdoors Rick Weldon (May 11)
- Re: password backdoors Eric Kimminau (May 11)
- Re: password backdoors cmcurtin () clipper cb att com (May 10)
- Re: password backdoors Lee J. Silverman (May 11)
- Re: password backdoors Mark Joseph Crosbie (May 11)
- Re: password backdoors Aleph One (May 11)
- Re: password backdoors Lee J. Silverman (May 11)
- Re: password backdoors Randy Rasmussen (May 11)
- Re: password backdoors Larry Kealey (May 11)
- Re: password backdoors Virantha Mendis (May 12)
- Re: password backdoors H Morrow Long (May 11)
- Re: password backdoors Brian Harrington (May 11)
- Re: password backdoors vitor () uminho pt (May 15)
(Thread continues...)