Re: [Cooker] [Bug 6148] [drakxtools] New: drakclub security breach - prints root passowrd to console
[cybercfo] [EMAIL PROTECTED] writes: http://qa.mandrakesoft.com/show_bug.cgi?id=6148 Product: drakxtools Component: drakxtools Summary: drakclub security breach - prints root passowrd to console Product: drakxtools Version: 9.1-15mdk Platform: PC OS/Version: All Status: UNCONFIRMED Severity: normal Priority: P2 Component: drakxtools AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] When drakclub is run from the command line, it prints the machine root password in the console after it is entered in the gui with *. Here is the output of my console. (Don't worry, I changed the characters of the password.) $ drakclub ## 6 ## Password: hgj6873f Fixed in drakfirsttime-0.92-4.2.92mdk (which should be available in Security updates) Please try http://peoples.mandrakesoft.com/~daouda/rpms/Updates/RPMS/drakfirsttime-0.92-4.2.92mdk.noarch.rpm
[Cooker] [Bug 6148] [drakxtools] New: drakclub security breach - prints root passowrd to console
http://qa.mandrakesoft.com/show_bug.cgi?id=6148 Product: drakxtools Component: drakxtools Summary: drakclub security breach - prints root passowrd to console Product: drakxtools Version: 9.1-15mdk Platform: PC OS/Version: All Status: UNCONFIRMED Severity: normal Priority: P2 Component: drakxtools AssignedTo: [EMAIL PROTECTED] ReportedBy: [EMAIL PROTECTED] When drakclub is run from the command line, it prints the machine root password in the console after it is entered in the gui with *. Here is the output of my console. (Don't worry, I changed the characters of the password.) $ drakclub ## 6 ## Password: hgj6873f added medium club.comm_i586_9.2 I believe that the password should not be output to the console, this is a security breach. -- Configure bugmail: http://qa.mandrakesoft.com/userprefs.cgi?tab=email --- You are receiving this mail because: --- You are on the CC list for the bug, or are watching someone who is.
