Bugtraq mailing list archives
Re: RedHat 6.1 /and others/ PAM
From: thegnome () NMRC ORG (Simple Nomad)
Date: Tue, 1 Feb 2000 17:01:33 -0600
Maybe I should restate. The sploit as it stands didn't work, and even using expect, pty, etc didn't work. Still showing up in syslog on RH 6.1, can someone else confirm/deny? - Simple Nomad - No rest for the Wicca'd - - thegnome () nmrc org - www.nmrc.org - - thegnome () razor bindview com - www.bindview.com - On Tue, 1 Feb 2000, Pavel Kankovsky wrote:
On Mon, 31 Jan 2000, Simple Nomad wrote:Trying to "echo PASSWORD | su ACCOUNT" will elicit a response of "standard in must be a tty..." therefore the sploit would stop on the first word in the list as if it was the correct password. Therefore I fail to see the exact sploit here. I tried this on a stock RH 6.1 machine.Use a pseudoterminal. Expect is your friend. --Pavel Kankovsky aka Peak [ Boycott Microsoft--http://www.vcnet.com/bms ] "Resistance is futile. Open your source code and prepare for assimilation."
Current thread:
- Re: RedHat 6.1 /and others/ PAM Simple Nomad (Jan 31)
- Re: RedHat 6.1 /and others/ PAM Markus Dobel (Feb 01)
- Re: RedHat 6.1 /and others/ PAM Keith Warno (Feb 02)
- Re: RedHat 6.1 /and others/ PAM Ian Turner (Feb 01)
- <Possible follow-ups>
- Re: RedHat 6.1 /and others/ PAM Crashkiller (Feb 01)
- Re: RedHat 6.1 /and others/ PAM Simple Nomad (Feb 01)
- Re: RedHat 6.1 /and others/ PAM Markus Dobel (Feb 01)