Re: [Full-disclosure] I find a bug

I have fedora 14, several centOS 5.5 machines and a vanilla ubuntu 9.10 vm,
all ask for the password


2011/1/18 Christian Sciberras <uuf6429@xxxxxxxxx>

Every bug is a feature. Some are less obvious than others.

;-)

Oh, and for what it's worth, I get asked for the root password on my
machine (vanilla ubuntu).





2011/1/18 Laurelai Storm <laurelai@xxxxxxxxxxxx>

It prompts for a password on my machine, perhaps you should check your
sudoers config.

Also, its not a bug its a feature :p

2011/1/18 我是王子 <tradeprince@xxxxxx>

hello,

I found a bug,

run [sudo strace su] command can get root privileges without any
password.

bill

------------------ Original ------------------
*From: * "Steve Beattie"<sbeattie@xxxxxxxxxx>;
*Date: * Thu, Jan 13, 2011 08:01 PM
*To: * "ubuntu-security-announce"<
ubuntu-security-announce@xxxxxxxxxxxxxxxx>;
*Cc: * "full-disclosure"<full-disclosure@xxxxxxxxxxxxxxxxx>; "bugtraq"<
bugtraq@xxxxxxxxxxxxxxxxx>;
*Subject: * [USN-1042-2] PHP5 regression

--
ubuntu-security-announce mailing list
ubuntu-security-announce@xxxxxxxxxxxxxxxx
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/ubuntu-security-announce


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Relevant Pages

  • Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default
    ... silently enabled by default on new Ubuntu systems. ... >> PasswordAuthentication no ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)
  • Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default
    ... Your a shame on linux worls valdis, picking on ubuntu, go pick on Owl ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)
  • Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default
    ... Is remote access of any kind enabled by default for this guest account? ... I am not an Ubuntu expert so these are genuine questions, I am far to busy to research this at this time so I ask these questions in the hope ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)
  • Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default
    ... Backdoors in ubuntu are now called features: ... Full-Disclosure - We believe in it. ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)
  • Re: [Full-disclosure] I find a bug
    ... asks for the password of the luser running "sudo". ... FYI vanilla ubuntu doesn't set a root password (try to log in as ... Charter: http://lists.grok.org.uk/full-disclosure-charter.html ... Hosted and sponsored by Secunia - http://secunia.com/ ...
    (Full-Disclosure)