Date: Sat, 14 Dec 1996 12:31:37 +0100 (MET) From: J Wunsch <j@uriah.heep.sax.de> To: proff@iq.org (Julian Assange) Cc: security@freebsd.org, hackers@freebsd.org Subject: Re: vulnerability in new pw suite Message-ID: <199612141131.MAA25325@uriah.heep.sax.de> In-Reply-To: <199612140135.MAA04639@profane.iq.org> from Julian Assange at "Dec 14, 96 12:35:25 pm"
next in thread | previous in thread | raw e-mail | index | archive | help
As Julian Assange wrote: > The FreeBSD account administration pw suite is able to produce > "random" passwords for new accounts. Due to the simplicity of the > password generation algorithm involved, the passwords are easily > predictable amid a particular range of possibilities. This range > may be very narrow, depending on what sort of information is > available to the attacker. Is there any particular reason why you didn't submit this to the author in the first place? (Forwarded to David now.) -- cheers, J"org joerg_wunsch@uriah.heep.sax.de -- http://www.sax.de/~joerg/ -- NIC: JW11-RIPE Never trust an operating system you don't have sources for. ;-)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199612141131.MAA25325>