SUMMARY: DEC-Unix V3.2c and C2 Security problem

• To: alpha-osf-managers@xxxxxxxx
• Subject: SUMMARY: DEC-Unix V3.2c and C2 Security problem
• From: Harald Baumgartner <hmb@xxxxxxxxxxxxxxxxxxxxxxxxx>
• Date: Wed, 02 Apr 1997 10:39:13 +0200 (MET DST)
• Followup-to: poster
• Sender: alpha-osf-managers-relay@xxxxxxxxxxxxxxxxx

Dear Managers,

after reboot in the morning, no one could login to this machine:
Console login: root
Password:xxxxx 

	last successfull login...
	last unsuccessfull login...

login:

by telnet the login doesn't appear.

i rebooted in single-user mode:
>>> boot -fl s
# mount -u /
# fsck
# mount -a

with help from DEC-Service (Mrs. Ernst) i found out that the file: 
/tcb/files/auth/h/user-file has to much lines, after:
 :u_unsuctty=ttyr0:u_lock@:chkent:
		blabla....  appears

i removed the line after chkent:  and run /tcb/bin/authck -av

the program tells me, everything is fine, but at the end it produces a core-dump

Now i removed a blank line in the middle from /etc/passwd and rebooted the ma-
chine again.

			H. Baumgartner

• Prev: CDE and customized backdrops
• Next: [SUMM] at/batch doesn't work on C2
• Index(es):
  • Main
  • Thread