IRIX default guest account

Description:Apparently, all IRIX systems come by default with a unpassworded guest account. Almost as stupid as HP/UX's staticly passworded uid 0 sam_exec accounts.
Author:well known, but Mike Neuman <mcn@RIPOSTE.ENGARDE.COM> mentioned it on bugtraq
Compromise:remotely obtain local user privileges.
Vulnerable Systems:IRIX, apparently all versions up to 6.3
Date:15 May 1997

Date: Thu, 15 May 1997 10:24:28 -0600
From: Mike Neuman <mcn@RIPOSTE.ENGARDE.COM>
Subject: Re: Reminder for irix ppl

> On a slightly different beat, perhaps SGI will consider changes the
> default settings, in either case I'd be interested in finding out why it
> is the default behavior.

  SGI (in IRIX 6.3) has a really nice interface which will allow you to turn
this feature on and off.

  Another warning: The "guest" account exists without password on every IRIX
system by default.

  One more: Beware the IPForwarding on/off checkbox on IRIX 6.3 (and possibly
others). It doesn't do a thing. A dual-homed SGI O2 running 6.3 clearly said
that IPForwarding was off, and was still forwarding my packets through to the
other side. The sysadmin who was running the machine had to modify a couple
scripts in /etc/init.d to fix the problem. I don't have any further details,
as I was busy breaking into other systems, not paying attention to how it was
fixed. :-) Anyway, if you have a dual-homed SGI, make sure it's not forwarding
by actually testing it rather than believing the GUI.

(And who said penetration testing wasn't a useful security service?) :-)


More Exploits!

The master index of all exploits is available here (Very large file)
Or you can pick your favorite operating system:
All OS's Linux Solaris/SunOS Micro$oft
*BSD Macintosh AIX IRIX
ULTRIX/Digital UNIX HP/UX SCO Remote exploits

This page is part of Fyodor's exploit world. For a free program to automate scanning your network for vulnerable hosts and services, check out my network mapping tool, nmap. Or try these Insecure.Org resources: