Re: IRIX 6.2 passwordless accounts exploit?

From: Charl Botha (cpbothaat_private)
Date: Tue Sep 29 1998 - 01:27:36 PDT

Next message: Ken Williams: "Netscape Cache Exploit - source code"

Previous message: tiago: "rpc.mountd vulnerabilities"
Maybe in reply to: Dan Stromberg: "IRIX 6.2 passwordless accounts exploit?"
Next in thread: Renaud Deraison: "Re: IRIX 6.2 passwordless accounts exploit?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Mon, 28 Sep 1998, Dan Stromberg wrote:
> We've had a lot of script kiddies running an exploit against our campus,
> that checks for accounts that are passwordless by default in IRIX 6.2 -
> like 4Dgifts, EZsetup, and so on.  I've seen indications this isn't
> limited to our campus...

Have a look at www.nessus.org -- Nessus is a network security tool that
definitely scans for these default accounts.

Charl

---------------------------------------------------------------------------
Charl Botha

E-Mail cpbothaat_private

Image Processing and Pattern Recognition
Digital Signal Processing Group <http://dsp.ee.sun.ac.za>
Department of Electronic Engineering
University of Stellenbosch
South Africa

Next message: Ken Williams: "Netscape Cache Exploit - source code"
Previous message: tiago: "rpc.mountd vulnerabilities"
Maybe in reply to: Dan Stromberg: "IRIX 6.2 passwordless accounts exploit?"
Next in thread: Renaud Deraison: "Re: IRIX 6.2 passwordless accounts exploit?"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:18:05 PDT