gdm thing

From: Kermit the Frog (kermitat_private)
Date: Sun Dec 05 1999 - 18:44:18 PST

Next message: marvinat_private: "Re: idlescan (ip.id portscanner)"

Previous message: Brock Tellier: "UnixWare pkg* command exploits"
Next in thread: Martin K. Petersen: "Re: gdm thing"
Reply: Martin K. Petersen: "Re: gdm thing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Hello! while trying this new soft to replace the ``old'' xdm, I found out
that if a wrong passwd is supplied, gdm will answer with a ``incorrect
password'' message. So I tried to log in as an inexistent user ... the
result was "user unknown". The vulnerabilty seems trivial to me.

The version tested was gdm-2.0beta4.

Best regards.

                           Cervi~no Ulises
<kermitat_private> <ulisesat_private>
...............................................................................
"Contrary to popular opinion, Unix is user friendly, It just happens to be
 very selective about who it makes friends with."

Next message: marvinat_private: "Re: idlescan (ip.id portscanner)"
Previous message: Brock Tellier: "UnixWare pkg* command exploits"
Next in thread: Martin K. Petersen: "Re: gdm thing"
Reply: Martin K. Petersen: "Re: gdm thing"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:17:29 PDT