[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[cobalt-users] Admin/root password security hole

Subject: [cobalt-users] Admin/root password security hole
From: "connected" <mailinglists@xxxxxxxxxxxxxxxxxxxxx>
Date: Sat Apr 22 00:39:33 2000

Hello,

I have a RaQ3.  Tonight I logged in via telnet, entered "admin" then went
to enter my password of 14 characters.  I entered the 11th character wrong,
and hit "enter" so it would ask for my pass again and I could type it in
correctly.  This has worked in the past with no problem.

Tonight, my server granted me access pointblank, with only 10/14 characters
in the password entered.  I was able to access root in this manner as well.
I logged out and attempted this several times, with several versions of my
password.  The server granted me access as long as I had the first eight
characters.

Obviously, this is a gaping security hole.  Has anyone else had this
problem?  Any solutions, other than the obvious of having a shorter
password?

Thanks in advance,
Cassandra

Follow-Ups:
- Re: [cobalt-users] Admin/root password security hole
  - From: Fathi Said

Prev by Date: Re: [cobalt-users] Cobalt IRC Chat??? Does it Exist??
Next by Date: Re: [cobalt-users] Admin/root password security hole
Previous by thread: Re: [cobalt-users] RaQ3 E-mail Questions
Next by thread: Re: [cobalt-users] Admin/root password security hole

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index