TUCoPS :: SCO :: passwdsc.htm

SCO Openserver 5 expired passwords hole



    SCO OpenSERVER 5


    Default login program  doesn't prompt you  for old passwd  once it
    has expired. And  with the many  passwd-file-stealing-exploits its
    not hard to get the file,  then analyze it to find which  accounts
    have  expired  passwords  (This  data  is  kept  in  the  last few
    characters of the password field).  This vulnerability has been
    brought to public by ultima@CORINNE.MAC.EDU


    This is default  login, but there  is lot of  other login programs
    which can be used for purpose.

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2024 AOH