Originally Published: Friday, 3 December 1999 Author: Quentin Cregan
Published to: news_enhance_security/Security News Page: 1/1 - [Printable]

Slackware 7.0 login bug?

There has been discussion of a login bug on BugTraq, in Slackware 7.0 that grants the potential for brute force attacks. The bug involves the way that authorisation code is called when a uid is locked or does not exist. As far as I can tell, this is useful in discovering usernames, but I may well be wrong.