[PEN-TEST] OS/2 Warp Vulnerability Testing

["Addair, Chris" <chris.addair () EDS COM>]

Greetings,

First let me say that the information I have gathered through the use of
this mail list has been a tremendous asset in performing my daily
operations.  Thank You.

My team is currently involved in a vulnerability assessment in which we have
run across an OS/2 Warp system running a legacy application.  We were unable
to determine the exact version of Warp running at the time of our
pre-assessment visit, but we are assuming it is 3.x or maybe even a 2.x
version.  Since I have practically no experience at all with this OS and we
currently do not have anyone on our team with the OS/2 expertise to perform
a vulnerability assessment,  I would like to ask if anyone of you out there
can provide some guidance in how to approach this task.  Specifically, what
are the OS vulnerabilities, how do we crack user IDs and passwords on this
OS, what tools do you recommend in performing the assessment.

Thank you,

Chris Addair
NVT Team Lead
EDS Information Assurance Services