Category Archives: Tech


From: Golden_Eternity [bhodi@….com]
Sent: Monday, April 23, 2001 12:08 PM
To: ‘BUGTRAQ@….com’
Subject: Non-user accounts assigned shell by default – Red Hat 6.1-7.0, et al.

SEVERITY: Low
AFFECTED VERSIONS: Confirmed on Red Hat 6.1, 6.2 and 7.0
DESCRIPTION:
The default installation does not assign a shell for most non-user accounts
(e.g. nobody, bin). If no shell is specified for an account, the shell
defaults to /bin/sh.

On its own, this does not pose a significant threat. However, very few of
these accounts require a shell, so there is no reason to grant this extra
privilege. This may violate security policies for granting the minimum
privileges necessary to accomplish a task.

Additionally, the default installation of /etc/shells does not contain a
shell such as /bin/false which would deny login.

Red Hat was contacted about this in June 2000 and has elected not to fix
this problem at this time.

https://bugzilla.redhat.com/show_bug.cgi?id=12409

SOLUTION:
The solution would be to assign these accounts a false shell which will
not permit login, such as /bin/false. This shell could be added to /etc/shells
for use with chsh.

DEMONSTRATION:
[root@roto-router /root]# grep "nobody" /etc/passwd
nobody:x:99:99:Nobody:/:
[root@roto-router /root]# su nobody
bash$

[root@roto-router /root]# grep "xfs" /etc/passwd
xfs:x:43:43:X Font Server:/etc/X11/fs:/bin/false
[root@roto-router /root]# su xfs
[root@roto-router /root]#


I apologize if this is not considered a significant enough issue to post
to bugtraq. I debated posting for a while and eventually decided that if
it isn’t, the moderator will kill it. 😉

Since some administrators may not be aware that there is a default shell
for unix/linux accounts, I felt this information could be useful.

Updates to this warning can be found at https://www.bhodisoft.com/Sec/
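As an added example (not part of the advisory above or of bhodisoft's own tooling), the following POSIX shell script audits a passwd-format file for accounts with an empty shell field, checks whether a shells(5)-format file lists /bin/false so that chsh will accept it, and writes a remediated copy with the empty fields set to /bin/false. It runs against constructed sample files, not a live system.

```shell
#!/bin/sh
# Added audit example (not the advisory's own code). An empty 7th field in
# passwd(5) makes login programs fall back to /bin/sh, which is the condition
# the advisory describes; the fix it proposes is a non-login shell such as
# /bin/false, which also has to be listed in /etc/shells for chsh to accept it.

# Print "name:uid" for each entry whose shell field is empty.
empty_shell_accounts() {
    awk -F: '$7 == "" { print $1 ":" $3 }' "$1"
}

# Exit 0 if the shell ($2) is listed verbatim in the shells file ($1), else 1.
shell_is_listed() {
    grep -qxF "$2" "$1"
}

# Write a copy of the passwd file ($1) to $3 with every empty shell field set
# to the non-login shell $2. The original file is left untouched.
assign_nologin_shell() {
    awk -F: -v OFS=: -v s="$2" '$7 == "" { $7 = s } { print }' "$1" > "$3"
}

# Constructed sample files mirroring the advisory's demonstration; these are
# not real system files.
SAMPLE_PASSWD=$(mktemp)
SAMPLE_SHELLS=$(mktemp)
cat > "$SAMPLE_PASSWD" <<'EOF'
root:x:0:0:root:/root:/bin/bash
bin:x:1:1:bin:/bin:
nobody:x:99:99:Nobody:/:
xfs:x:43:43:X Font Server:/etc/X11/fs:/bin/false
EOF
printf '/bin/sh\n/bin/bash\n' > "$SAMPLE_SHELLS"

echo "Accounts with no shell (fall back to /bin/sh):"
empty_shell_accounts "$SAMPLE_PASSWD"
shell_is_listed "$SAMPLE_SHELLS" /bin/false \
    || echo "/bin/false is not listed in the shells file; chsh would refuse it"

FIXED=$(mktemp)
assign_nologin_shell "$SAMPLE_PASSWD" /bin/false "$FIXED"
echo "After remediation:"
grep -E '^(bin|nobody):' "$FIXED"
```

On a real host, compare the remediated copy against /etc/passwd with diff before installing it, and add /bin/false to /etc/shells first so that chsh and login utilities recognise it.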

BA-2001-01 Non-user accounts assigned shell by default

Original release date: April 23, 2001
Last revised: July 21, 2001

A complete revision history is at the end of this file.

Systems Affected

Confirmed on Red Hat 6.1, 6.2 and 7.0

Severity

Low

Overview

The default installation does not assign a shell for most non-user accounts (e.g. nobody, bin). If no shell is specified for an account, the shell defaults to /bin/sh.


CA-2000-02 Vulnerability in Feature Common to Most Major Web Browsers

CUSERT® Advisory CA-2000-02 Vulnerability in Feature Common to Most Major Web Browsers

This advisory is being published jointly by the CUSERT Coordination Center,
d0d-CERT, and the d0d Joint Task Force for Computer User Stupidity (JTF-CUS).

Original release date: April 23, 2000
Last revised: December 25, 2012

A complete revision history is at the end of this file.

Systems Affected

  • Most major web browsing software

Overview

A vulnerability has been discovered in most major web browsers which
provides access to the local hard disk.
This could result in fear, uncertainty, and doubt, which might cause numerous
technical support calls, and chest pains.


CA-2000-01 Poor Error Handling in Password Authentication May Result in Authentication Failure

This advisory is being published jointly by the CUSERT Coordination Center,
d0d-CERT, and the d0d Joint Task Force for Computer User Stupidity (JTF-CUS).

Original release date: February 19, 2000

Last revised: December 25, 2012

A complete revision history is at the end of this file.

Systems Affected

  • ASCII based Password Authentication Modules

Overview

Poor error handling in many Password Authentication Modules which rely
on ASCII based data-input may result in a failure to authenticate users.
This could result in a denial of service to those users.
