VULHUB ™

In systems running HP-UX, the password field in /etc/passwd contains a token character, "*". Under some circumstances, this field can be set to empty -- leaving the HP-UX system vulnerable to compromise. One such circumstance which can cause this to occur is by creating an image of a system with Ignite-UX, which does not normally include the /etc/passwd file. When the image is loaded on a system, the password file will be left with blank entries.

In systems running HP-UX, the password field in /etc/passwd contains a token character, "*". Under some circumstances, this field can be set to empty -- leaving the HP-UX system vulnerable to compromise. One such circumstance which can cause this to occur is by creating an image of a system with Ignite-UX, which does not normally include the /etc/passwd file. When the image is loaded on a system, the password file will be left with blank entries.