Content-Type: text/plain Content-Disposition: inline Content-Transfer-Encoding: binary MIME-Version: 1.0 X-Mailer: MIME-tools 5.411 (Entity 5.404) X-RT-Original-Encoding: iso-8859-1 Content-Length: 2135 From wolfen@orcrist.teklaine.com Wed Dec 2 18:57:07 1998 Received: from MIT.EDU (SOUTH-STATION-ANNEX.MIT.EDU [18.72.1.2]) by rt-11.MIT.EDU (8.7.5/8.7.3) with SMTP id SAA14935 for ; Wed, 2 Dec 1998 18:57:02 -0500 Received: from orcrist.teklaine.com by MIT.EDU with SMTP id AA09206; Wed, 2 Dec 98 18:56:49 EST Received: (from root@localhost) by orcrist.teklaine.com (8.9.1/8.9.1) id PAA22946; Wed, 2 Dec 1998 15:55:13 -0800 Message-Id: <199812022355.PAA22946@orcrist.teklaine.com> Date: Wed, 2 Dec 1998 15:55:13 -0800 From: root@orcrist.teklaine.com Reply-To: root@orcrist.teklaine.com To: krb5-bugs@MIT.EDU Cc: bspindlr@tekchek.com Subject: bug in kadmin X-Send-Pr-Version: 3.99 >Number: 673 >Category: krb5-admin >Synopsis: kadmin shows password when it shouldn't >Confidential: no >Severity: serious >Priority: medium >Responsible: krb5-unassigned >State: open >Class: sw-bug >Submitter-Id: unknown >Arrival-Date: Wed Dec 02 18:58:00 EST 1998 >Last-Modified: Thu Apr 4 17:22:23 EST 2002 >Originator: root@orcrist.teklaine.com >Organization: >Release: krb5-1.0.5 >Environment: System: Linux orcrist 2.0.30 #5 Tue Jun 24 03:09:53 CDT 1997 i586 unknown Architecture: i586 >Description: I have an entry in my kadm5.acl file as */admin@REALM I go into kadmin as root/admin@REALM, if the first thing I do when I get into kadmin is type ctrl c it says: kadmin: Unknown request "PASSWORD". Type "?" for a request list. Where PASSWORD is the password I typed to start kadmin as root/admin. I realize this is a small bug that doesn't seem exploitable, however it didn't seem like a wanted feature :) I have not tested this on platforms other than the one listed above, so it maybe only be a problem on linux. However just go into kadmin, and press ctrl c before you do anything else >How-To-Repeat: >Fix: Sorry, dunno. >Audit-Trail: Responsible-Changed-From-To: gnats-admin->krb5-unassigned Responsible-Changed-By: hartmans Responsible-Changed-When: Thu Apr 4 17:22:10 2002 Responsible-Changed-Why: This seems like an ss bug >Unformatted: