NetBSD Problem Report #42453
From www@NetBSD.org Tue Dec 15 08:40:36 2009
Return-Path: <www@NetBSD.org>
Received: from mail.netbsd.org (mail.netbsd.org [204.152.190.11])
by www.NetBSD.org (Postfix) with ESMTP id 43E8263C3A9
for <gnats-bugs@gnats.NetBSD.org>; Tue, 15 Dec 2009 08:40:36 +0000 (UTC)
Message-Id: <20091215084036.12BF563B844@www.NetBSD.org>
Date: Tue, 15 Dec 2009 08:40:36 +0000 (UTC)
From: petea_garstea@fincombank.com
Reply-To: petea_garstea@fincombank.com
To: gnats-bugs@NetBSD.org
Subject: security bug, des algorithm
X-Send-Pr-Version: www-1.0
>Number: 42453
>Category: security
>Synopsis: security bug, des algorithm
>Confidential: no
>Severity: critical
>Priority: high
>Responsible: security-officer
>State: closed
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Tue Dec 15 08:45:00 +0000 2009
>Closed-Date: Tue Dec 15 18:04:44 +0000 2009
>Last-Modified: Tue Dec 15 18:04:44 +0000 2009
>Originator: peter garstea
>Release: 5.0.1 stable, updated
>Organization:
fincombank
>Environment:
NetBSD NetBSD 5.0.1 NetBSD 5.0.1 (XEN3_DOM0) #0: Thu Dec 3 17:56:47 EET 2009 peter@NetBSD:/usr/src/sys/arch/i386/compile/XEN3_DOM0 i386
>Description:
hello
i set the password for root using DES algorithm, the password is mazafaka_
im apologize :), after reboot when im loging i enter the password for root
but without the last symbol or with any other symbol like $%!@ etc, just enter the mazafazka or mazafaka% and the system allows me to login successfully.
>How-To-Repeat:
>Fix:
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->closed
State-Changed-By: dholland@NetBSD.org
State-Changed-When: Tue, 15 Dec 2009 18:04:44 +0000
State-Changed-Why:
The traditional/historic DES-based password algorithm only supports
8-character passwords. If you need longer passwords, use one of the
other algorithms.
>Unformatted:
(Contact us)
$NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD: gnats_config.sh,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007
The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.
Home