OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Cade Cairns (cairnsc_at_securityfocus.com)
Date: Fri Jan 03 2003 - 15:37:38 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Oops, probably approved this a bit too hastily. This is assumedly due to
    the use of unix crypt().

    Cade Cairns
    Symantec Corporation

    On Fri, 3 Jan 2003, Sam Pointer wrote:

    > This posting just appeared on the Smoothwall GPL mailing list if anyone is
    > interested (Smoothwall is a Linux-based GUIfied firewall:
    > www.smoothwall.co.uk)
    >
    > -----Original Message-----
    > From: Peter Leeman [mailto:peter.leemanbtopenworld.com]
    > Sent: 02 January 2003 03:48
    > To: Gpl
    > Subject: [gpl] Admin password
    >
    >
    > Hi (Happy new year)
    >
    > I'm running Smoothwall gpl 1.0 and have found the following:
    >
    > When logging on to shut smoothwall down (using admin account) if I enter the
    > correct password plus a few characters I can still get logged on ie,
    >
    > If password = password then
    > 'blahblah' doesn't work
    > 'password' does
    > 'password123' does
    >
    > Strange but true, does anyone else get this, if not.. oh! if so is there a
    > way to stop this.
    >
    > TIA
    > Pete.
    > _______________________________________________
    > gpl mailing list
    > gpllists.smoothwallusers.org
    > http://lists.smoothwallusers.org/mailman/listinfo/gpl
    >
    > SmoothWall Stash - Buy Our Stuff! http://cafepress.com/smoothwall
    >
    >
    > This email and any attachments are strictly confidential and are intended
    > solely for the addressee. If you are not the intended recipient you must
    > not disclose, forward, copy or take any action in reliance on this message
    > or its attachments. If you have received this email in error please notify
    > the sender as soon as possible and delete it from your computer systems.
    > Any views or opinions presented are solely those of the author and do not
    > necessarily reflect those of HPD Software Limited or its affiliates.
    >
    > At present the integrity of email across the internet cannot be guaranteed
    > and messages sent via this medium are potentially at risk. All liability
    > is excluded to the extent permitted by law for any claims arising as a re-
    > sult of the use of this medium to transmit information by or to
    > HPD Software Limited or its affiliates.
    >
    >