From owner-freebsd-bugs Wed Jan 22 16:00:08 1997 Return-Path: Received: (from root@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id QAA08061 for bugs-outgoing; Wed, 22 Jan 1997 16:00:08 -0800 (PST) Received: (from gnats@localhost) by freefall.freebsd.org (8.8.5/8.8.5) id QAA08050; Wed, 22 Jan 1997 16:00:04 -0800 (PST) Resent-Date: Wed, 22 Jan 1997 16:00:04 -0800 (PST) Resent-Message-Id: <199701230000.QAA08050@freefall.freebsd.org> Resent-From: gnats (GNATS Management) Resent-To: freebsd-bugs Resent-Reply-To: FreeBSD-gnats@freefall.FreeBSD.org, jcwells@u.washington.edu Received: from s5-25-199.student.washington.edu (S5-25-199.student.washington.edu [128.95.25.199]) by freefall.freebsd.org (8.8.5/8.8.5) with ESMTP id PAA07128 for ; Wed, 22 Jan 1997 15:50:59 -0800 (PST) Received: (from sysadmin@localhost) by s5-25-199.student.washington.edu (8.8.3/8.8.3) id PAA00509; Wed, 22 Jan 1997 15:50:33 -0800 (PST) Message-Id: <199701222350.PAA00509@s5-25-199.student.washington.edu> Date: Wed, 22 Jan 1997 15:50:33 -0800 (PST) From: Jason Wells Reply-To: jcwells@u.washington.edu To: FreeBSD-gnats-submit@freebsd.org X-Send-Pr-Version: 3.2 Subject: bin/2560: login accepts bad passwd and logs user in Sender: owner-bugs@freebsd.org X-Loop: FreeBSD.org Precedence: bulk >Number: 2560 >Category: bin >Synopsis: login accepts bad passwd and logs user in >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Wed Jan 22 16:00:01 PST 1997 >Last-Modified: >Originator: Jason Wells >Organization: highperformance.net >Release: FreeBSD 2.1.5-STABLE i386 >Environment: >Description: Login accepts password that is known to be bad. If the user accidentally adds characters to the end of a correct password login does not reject the login. If your password was 'password' and you entered 'passwordxx' login willaccept the password. >How-To-Repeat: >Fix: >Audit-Trail: >Unformatted: