Bugtraq mailing list archives

HPUX sam_exec

From: bogus () command com inter net (bogus technician)
Date: Thu, 18 Jul 1996 17:50:45 +0000


The sam_exec password is "x7vpa5jh".

I sniffed the thing, and it doesn't look like the password is used at all
during any of the transactions -- a .rhosts file gets installed in the
sam_exec home dir, and r* methods are used.  The password does exist in
the clear, though, in the same place it's always been.  strings through
the shared library and it'll be right after the word 'None'; 9.x you'll
see 'None' and then 'Yosemite' on the next line, 10.x you'll see 'None'
and then 'x7vpa5jh' on the next line.  (The remote access shared library
is at /usr/sam/lib/ra/ra.sl, and it looks to be world readable by default.)

Moo

Current thread:

HPUX sam_exec bogus technician (Jul 18)
- <Possible follow-ups>
- Re: HPUX sam_exec Matthew G. Harrigan (Jul 18)
  - Re: HPUX sam_exec Kent Hamilton (Jul 19)
  - quotas? maybe you're not seeing all of it Brett L. Hawn (Jul 21)
  - whoops.. addendum Brett L. Hawn (Jul 21)
  - ping Brian Mitchell (Jul 21)
    - Re: ping David Holland (Jul 22)
    - Re: ping Marek Michalkiewicz (Jul 22)
    - Re: ping Brian Mitchell (Jul 23)
  - ping Brian Mitchell (Jul 21)