|
CIAC Advisory Notice
NOTICE: TO ALL CONCERNED Certain text files and messages contained on this site deal with activities and devices which would be in violation of various Federal, State, and local laws if actually carried out or constructed. The webmasters of this site do not advocate the breaking of any law. Our text files and message bases are for informational purposes only. We recommend that you contact your local law enforcement officials before undertaking any project based upon any information obtained from this or any other web site. We do not guarantee that any of the information contained on this system is correct, workable, or factual. We are not responsible for, nor do we assume any liability for, damages resulting from the use of any information on this site.
____________________________________________________________________________
THE COMPUTER INCIDENT ADVISORY CAPABILITY
CIAC
INFORMATION BULLETIN
____________________________________________________________________________
April 14, 1989
The Computer Incident Advisory Capability (CIAC) has learned of a
vulnerability in DECWindows running under ULTRIX. There is a
pseudofile, /dev/mem, which contains passwords. Passwords can be
compromised if someone accesses this pseudofile. CIAC will advise
you of a workaround or fix when either becomes available.
Gene Schultz
CIAC Manager
Lawrence Livermore National Laboratory
P.O. Box 808, L-195
Livermore, CA 94550
(415) 422-8193 or (FTS) 532-8193
gschultz%[email protected]
|
|
