On Wed, 9 Jun 1999, Tani Hosokawa wrote: > with redhat has a slight hole. When you try to su to root (for example) if > it's successful, immediately gives you a shell prompt. Otherwise, it > delays a full second, then logs an authentication failure to syslog. If > you hit break in that second, no error, plus you know that the password > was bad, so you can brute force root's password. I wrote a little Checked .... Confirmed for su that comes with sh-utils-1.16-14 and using pam-0.64-3 Ta luegos ...... Oh my God! They killed Kenny!!!!!! Javi Polo ;) Me puedes encontrar en fido en 2:347/13.4 yo también 3000ya.com AUTOPISTA NO!!!!!!!!!!! No a l'autopista de llevant
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:49:09 PDT