HPUX rexecd bug on trusted system

From: Kevin K. Sochacki (kksochaat_private)
Date: Fri Dec 05 1997 - 14:28:18 PST

    Hi,
    
    I have discovered a bug in rexecd on systems running HPUX 10.20 that have
    been converted to trusted systems.
    
    Problem:
    On unsuccessful login attempts via rexec/rexecd the bad login counter
    (u_numunsuclog) is updated as it should be; however, on any successful login
    the bad login counter does not get cleared.  So if users inadvertently
    mistype their password even once between successful logins they will
    eventually be locked out.  Lockouts should only occur when consecutive
    unsuccessful logins exceed the allowed bad logins.
    
    Note:
    For those of you who have converted to a trusted system and have not
    applied patch PHNE_12161, you are vulnerable to a brute-force attack of
    guessing passwords via rexec. Patch PHNE_12161 fixes a problem of not
    updating the bad login counter (u_numunsuclog), which circumvents the
    lockout feature of unsuccessful user logins.
    
    This problem has been reported to HP and is currently being addressed.
    
    --
    (...Later..:)
    :)**************************(: Exxon Research & Engineering
    (:    _/_/_/ _/_/     _/_/_/:) Kevin K. Sochacki
    :)   _/     _/  _/   _/     (: ICS CC124 (908) 730-2911
    (:  _/_/_/ _/ _/  & _/_/_/  :) mailto:kksochaat_private
    :) _/     _/_/     _/       (:   PERSONAL
    (:_/_/_/ _/  _/   _/_/_/    :) mailto:kksat_private
    :)**************************(: http://mars.superlink.net/kks
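
The three counter behaviours described in the message, modelled side by side as an added example; this is not HP-UX or rexecd source code. The struct, the function names and the limit of 3 allowed bad logins are assumptions made for illustration; only the counter name u_numunsuclog comes from the message.

```c
#include <stdio.h>

/* Hypothetical model of the lockout logic; not HP-UX source. */
enum policy {
    PRE_PATCH,   /* failures not counted (before PHNE_12161, per the note) */
    REXECD_BUG,  /* failures counted, success never clears the counter */
    CORRECT      /* failures counted, success clears the counter */
};

struct account {
    int numunsuclog; /* models the u_numunsuclog bad login counter */
    int max_tries;   /* assumed number of allowed bad logins */
};

/* Apply one login result; returns 1 if the account is now locked. */
static int record_login(struct account *a, enum policy p, int success)
{
    if (!success && p != PRE_PATCH)
        a->numunsuclog++;        /* count the bad login */
    if (success && p == CORRECT)
        a->numunsuclog = 0;      /* only consecutive failures should count */
    return a->numunsuclog > a->max_tries;
}

/* Replay a constructed login history ('S' = success, 'F' = failure).
 * Returns the 1-based attempt at which lockout occurs, or 0 if never. */
int first_lockout(enum policy p, int max_tries, const char *results)
{
    struct account a = { 0, max_tries };
    for (int i = 0; results[i] != '\0'; i++)
        if (record_login(&a, p, results[i] == 'S'))
            return i + 1;
    return 0;
}

int main(void)
{
    const char *user  = "SFSSFSFSSFS"; /* constructed: occasional typos */
    const char *guess = "FFFFFFFF";    /* constructed: repeated bad guesses */
    const char *name[] = { "pre-patch", "rexecd bug", "correct" };

    for (int p = PRE_PATCH; p <= CORRECT; p++)
        printf("%-10s user locked at %d, guessing locked at %d\n", name[p],
               first_lockout((enum policy)p, 3, user),
               first_lockout((enum policy)p, 3, guess));
    return 0;
}
```

A result of 0 means the history never triggers a lockout: under the pre-patch model the guessing run is never stopped, and under the rexecd bug the legitimate user is locked out by non-consecutive typos.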
    


