[Home] [Credit Search] [Category Browser] [Staff Roll Call] The LINUX.COM Article Archive
Originally Published: Tuesday, 7 September 1999 Author: Quentin Cregan
Published to: news_enhance_security/Security News Page: 1/1 - [Printable]

xscreensaver potentially gives away crypted root password

In a post to the LSAP mailing lists, Olaf Kirch indicated that after a brief audit of xscreensaver, he'd noticed the software made a copy of the encrypted root password. Should the software crash early, the crypted password could be presented, leading to a potential brute force attack.



Originally published on Linux.com. Released under the Open Content License unless otherwise stated. Notify Gareth Watts of any errors or copyright violations.