Home > Uncategorized > root password exposure on Ops Center provisioned hosts?

root password exposure on Ops Center provisioned hosts?

# ls -l /var/opt/sun/jet/config/jumpstart.conf
-rwxr-xr-x 1 root other 1551 Apr 13 2010 /var/opt/sun/jet/config/jumpstart.conf

Contains the DES encrypted root password on line prefixed “JS_Default_Root_PW=” set during installation and is world-readable.

Advertisements
Tags:
  1. No comments yet.
  1. No trackbacks yet.

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: