[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default
From: Tom Grace <lists-in@xxxxxxxxxxxxxxxxxxxxxx>
Date: Thu, 17 Nov 2011 18:17:52 +0000

On 17/11/11 18:14, Valdis.Kletnieks@xxxxxx wrote:
> The problem is that if you install Ubuntu on a server (as lots of people do)
> and enable ssh so you can remotely admin the server, you can find yourself 
> shot
> in the foot if you don't realize there's a passwordless guest account.
PermitEmptyPasswords no

Is set by default in sshd_config

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] Ubuntu 11.10 now unsecure by default
  - From: Olivier
- Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default
  - From: Dave
- Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default
  - From: Mario Vilas
- Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default
  - From: Valdis . Kletnieks

Prev by Date: [Full-disclosure] Cross-Site Scripting Vuln in Zoho ManageEngine ADSelfServicePlus
Next by Date: Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default
Previous by thread: Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default
Next by thread: Re: [Full-disclosure] Ubuntu 11.10 now unsecure by default
Index(es):
- Date
- Thread