Bugtraq mailing list archives
Possible login name leak on SunOS 5.6
From: petek () bsod net (Pete Krawczyk)
Date: Mon, 12 Oct 1998 15:43:27 -0500
It is possible for a user with time on his hands to obtain a few login names on a SunOS 5.6 box with Desktop Login enabled. At the gui login screen, the user is asked for a login name. When the user inputs it, the login client checks the user's preferences for which wm the user will use and displays the wm choice as a graphic to the right of the password prompt. If the user has chosen a different wm from the default (i.e. OpenWindows instead of CDE), this will be reflected by the picture on the right. Thus, an attacker could keep trying usernames until he finds one where the wm graphic is not the same as the default wm graphic. This has been tested and confirmed on stock SunOS 5.6. -Pete K -- Pete Krawczyk pkrawczy at uiuc dot edu -or- petek at mc dot net http://www.uiuc.edu/ph/www/pkrawczy Finger for PGP public key If you attempt to mail me at pkrawczy () mc net, I will not get it.
Current thread:
- linux 2.0.35 ip aliasing with aliased hwaddr Mike Baker (Oct 06)
- Re: linux 2.0.35 ip aliasing with aliased hwaddr Oliver Friedrichs (Oct 06)
- Redhat man exploit Neil Trobaugh (Oct 07)
- Re: Redhat man exploit Scott Stone (Oct 08)
- Computer Security Day (DISC 98) in Mexico Area de Seguridad en Computo (Oct 12)
- Re: Redhat man exploit Mike (Oct 12)
- Possible login name leak on SunOS 5.6 Pete Krawczyk (Oct 12)
- Re: Redhat man exploit John Brahy (Oct 09)
- Redhat man exploit Neil Trobaugh (Oct 07)
- Overflow in zgv-4.1? onix (Oct 07)
- Re: Overflow in zgv-4.1? Paul Boehm (Oct 09)
- The Cuartango Security Hole in IE4 Aleph One (Oct 12)
- SCO Openserver 5.0.5 syn-floodable Eric (Oct 08)
- Re: linux 2.0.35 ip aliasing with aliased hwaddr pedward () WEBCOM COM (Oct 08)
- more Netscape 4.07 javascript security Max Vision (Oct 08)
- Re: more Netscape 4.07 javascript security Peter W (Oct 11)
- Another Netscape 4.07 cache reading bug Georgi Guninski (Oct 08)
- Re: Another Netscape 4.07 cache reading bug Ken Williams (Oct 08)
- Re: linux 2.0.35 ip aliasing with aliased hwaddr Oliver Friedrichs (Oct 06)