NetBSD Problem Report #20808

Received: (qmail 5362 invoked by uid 605); 19 Mar 2003 17:18:27 -0000
Message-Id: <>
Date: Wed, 19 Mar 2003 09:18:12 -0800 (PST)
Subject: 'su -' let people loggin with incomplite root password typed in 
X-Send-Pr-Version: www-1.0

>Number:         20808
>Category:       security
>Synopsis:       'su -' let people loggin with incomplite root password typed in
>Confidential:   no
>Severity:       serious
>Priority:       high
>Responsible:    security-officer
>State:          closed
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Wed Mar 19 17:19:00 +0000 2003
>Closed-Date:    Thu Mar 20 06:00:09 +0000 2003
>Last-Modified:  Thu Mar 20 06:00:09 +0000 2003
>Originator:     Maxim Bourmistrov
>Release:        NetBSD 1.5.2
NetBSD 1.5.2 NetBSD 1.5.2 (GENERIC) #3: Sat Aug 18 23:37:05 CEST 2001 i386

Ok ppl! I hope you don't think this is a lame post :).
I have to boxes with NetBSD 1.5.2 and 1.6.
The problem seems to apper only in 1.5.2.

'su -' let me log in me as root with incomplite password.
Seems to deppend on password length.

P.S. sorry for poor english :)
bash# su -
bash# passwd root
Chanage password to some long word with more than 8 chars.
I changed it to 'zaebalo07'
bash# exit
bash# su -
Type in password without two last letters(or more) , like 'zaebalo0'.
You should be dropped in as a root.
I'v tryed diff lenght with the same password.
If the password is less than 8 chars problem will not appear,in my case I'v tryed 'zaebalo0' as a root password(test nr.2) and never dropped as a root.
But with 'zaebalo07' I had succsses.


State-Changed-From-To: open->closed 
State-Changed-By: itojun 
State-Changed-When: Wed Mar 19 21:59:26 PST 2003 
if you are using DES password, passwords longer than 8 chars are evaluated 
after truncation.  feature. 

NetBSD Home
NetBSD PR Database Search

(Contact us) $NetBSD: query-full-pr,v 1.39 2013/11/01 18:47:49 spz Exp $
$NetBSD:,v 1.8 2006/05/07 09:23:38 tsutsui Exp $
Copyright © 1994-2007 The NetBSD Foundation, Inc. ALL RIGHTS RESERVED.