[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [cobalt-users] Security Issue?

Subject: RE: [cobalt-users] Security Issue?
From: "Andy Brown" <andy.brown@xxxxxxxxxxxxx>
Date: Thu Mar 21 19:51:05 2002
List-id: Mailing list for users to share thoughts on Cobalt products. <cobalt-users.list.cobalt.com>

> I was wondering if anyone has seen this kind of madness on a 
> raq or other rh linux based system.  If I create the password 
> <12345!> for my admin user account and then try logging in 
> using, say, <12345> withouth the !, it lets me in no problem. 
>  I noticed this works for the shell and the gui, so it's not 
> some ssh glitch.  Does this have something to with the use of 
> <> in the password?
> 


An interesting point, did you set the password through the cobalt admin
or was it through the shell passwd command? As I suspect that the cobalt
admin might have been the reason for stripping the !

I've tested this out on my Slakware platform here, and it accepted (via
the terminal) the password:
<12345!>

And testing shows that if I try <12345> to log-in it FAILS, therefore it
is not stripping the exclamation mark out.
I'll dig out a redhat box and try the same to check more...


Andy
andy@xxxxxxxxxxxxxxxxxxxxx
http://ineedlinux.info/

Prev by Date: [cobalt-users] Strange problems with statistics on Raq4
Next by Date: Re: [cobalt-users] FTP slow connection for each file, but file transfers itself are fast
Previous by thread: Re: [cobalt-users] Security Issue?
Next by thread: [cobalt-users] PHP session control failure - help please

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index