VULHUB ™

UnixWare is a commercially available Unix Operating System. It was originally developed by SCO, and is now distributed and maintained by Caldera. A vulnerability has been reported in the default installation of some versions of UnixWare. A file exists which is world readable and includes the encrypted owner and root passwords. A local user would be able to access this information, and may be able to mount a dictionary attack on the root password without detection. The vulnerable file is /var/adm/isl/ifile. It is not currently known if this is a configuration error, or if this file reflects the current state of a changed root password.

UnixWare is a commercially available Unix Operating System. It was originally developed by SCO, and is now distributed and maintained by Caldera. A vulnerability has been reported in the default installation of some versions of UnixWare. A file exists which is world readable and includes the encrypted owner and root passwords. A local user would be able to access this information, and may be able to mount a dictionary attack on the root password without detection. The vulnerable file is /var/adm/isl/ifile. It is not currently known if this is a configuration error, or if this file reflects the current state of a changed root password.