Bugtraq mailing list archives
Re: BoS: Magic password of some linux-box(Hardware..)
From: moost () xs4all nl (moost () xs4all nl)
Date: Wed, 20 Nov 1996 11:29:29 +0100
On Mon, 18 Nov 1996, Seo Euiseong wrote:
In recent, there are lots of host runs Linux, FreeBSD, etc... Many administrarot believes that System Password that main board support is fully secure to prevent the console hacker from cracking in front of the system But, It is a very "Unsecure" thought. A few days ago, my friend mistyped his console password, "condo,". The BIOS vendor of his system was AWARD. Then, The BIOS accept the password like a real password and booting, gives the permission to set up the bios. I thought that it was a bug of a version of award bios. But, It's not true. Unfortunately almost versions of award bios has the magic password "condo,"
Some manuals of mainboards describe this 'feature'. Most Award bioses I've come across respon to the password AWARD_SW (mind the case) and will allow altering of the bios or just regular booting. Ofcourse this is meant as a sort of 'last' recover option, but for me it seems a little foolish to make this default to all Award Bioses.. M. Oosterink
Current thread:
- Re: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2)., (continued)
- Re: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2). Alan Brown (Nov 17)
- Digital Unix v3.x (v4.x?) security vulnerability Eric Augustus (Nov 16)
- Re: Digital Unix v3.x (v4.x?) security vulnerability hj () globecom net (Nov 17)
- Re: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2). Bryan Reece (Nov 17)
- Re: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2). Simon Karpen (Nov 17)
- Magic password of some linux-box(Hardware..) Seo Euiseong (Nov 17)
- rplayd on HPUX 10.1 Henrik P Johnson (Nov 19)
- Re: BoS: Magic password of some linux-box(Hardware..) Sergiu Popovici (Nov 19)
- Re: BoS: Magic password of some linux-box(Hardware..) Sergei A. Golubchik (Nov 19)
- Irix: root exploit for LicenseManager Yuri Volobuev (Nov 19)
- Re: BoS: Magic password of some linux-box(Hardware..) moost () xs4all nl (Nov 20)
- Ascend Killer Program Aleph One (Nov 17)
- Serious hole in Solaris 2.5[.1] gethostbyname() (exploit included) Jeremy Elson (Nov 18)
- Re: Serious hole in Solaris 2.5[.1] gethostbyname() (exploit Craig Raskin (Nov 18)
- Re: Serious hole in Solaris 2.5[.1] gethostbyname() (exploit Paul B. Henson (Nov 18)
- Re: Serious hole in Solaris 2.5[.1] gethostbyname() (exploit Russell Street (Nov 18)
- ALERT: Solaris 2.5.1 locks up on TCP connections in Pine 3.9x Todd Vierling (Nov 18)
- Re: ALERT: Solaris 2.5.1 locks up on TCP connections in Pine 3.9x Brian Harvell (Nov 20)
- Digital Unix v3.x (v4.x?) security vulnerability Eric Augustus (Nov 16)
- ssh w/ solaris 2.5.[1] Aleph One (Nov 18)
- Re: Serious hole in Solaris 2.5[.1] gethostbyname() (exploit Mike Battersby (Nov 18)
- Re: Serious hole in Solaris 2.5[.1] gethostbyname() (exploit Casper Dik (Nov 19)
- Re: Exploit for sendmail smtpd bug (ver. 8.7-8.8.2). Alan Brown (Nov 17)