[imp] Passwd Module: Security vulnerability ???
Eric Rostetter
eric.rostetter at physics.utexas.edu
Tue Jul 15 21:03:55 PDT 2003
Quoting Ashwin Kotian <ashwin at comstocksys.com>:
> still able to see the username displayed & change it to another username &
> also change the password (since I know the other username's original
> password).
The real question is why do you know the other users password?
*That* is the security vulnerability.
--
Eric Rostetter
The Department of Physics
The University of Texas at Austin
Why get even? Get odd!
More information about the imp
mailing list