Page 1 of 1
[solved] Porteus security hole
Posted: 01 Apr 2016, 03:52
by donald
You can now easily get the root password as user "guest"
administrator please fix this hole imediately.
(as guest)..open up a terminal and run:
Code: Select all
echo '82 43/25 43+65P80P82P73P76P32P70P79P79P76P10P' | dc
Re: Porteus security hole
Posted: 01 Apr 2016, 14:51
by francois
Donald, this security hole is really compromising my choice of porteus as my linux distribution. I am moving right away to Gentoo.
Re: Porteus security hole
Posted: 01 Apr 2016, 16:07
by fanthom
Damn - my Gentoo based kiosk is also affected ...
Re: Porteus security hole
Posted: 01 Apr 2016, 16:25
by Ed_P
OMG It's in the ISO files that I boot in AF mode.
Re: Porteus security hole
Posted: 01 Apr 2016, 19:31
by brokenman
I found the reason! I am remastering my ISOs now and removing the echo command. That should circumvent the problem until a patch is found. Thanks for the heart palpitations Donald!
Re: Porteus security hole
Posted: 01 Apr 2016, 20:57
by francois
Gosh! gentoo too!
What will I do. Is this the end of linux, plagued with this goddam security hole.? This hole is a black one.
Even relativity theory could not help us to solve this software nemesis.
Re: Porteus security hole
Posted: 01 Apr 2016, 22:48
by Slaxmax
Works in windows
Re: Porteus security hole
Posted: 02 Apr 2016, 03:19
by Jack
Here is my output.
Code: Select all
guest@porteus:~$ echo '82 43/25 43+65P80P82P73P76P32P70P79P79P76P10P' | dc
APRIL FOOL
guest@porteus:~$
Nice joke.
Re: Porteus security hole
Posted: 02 Apr 2016, 03:32
by Ed_P
Slaxmax wrote:Works in windows
Code: Select all
Microsoft Windows [Version 10.0.10586]
(c) 2015 Microsoft Corporation. All rights reserved.
C:\Users\Ed>echo '82 43/25 43+65P80P82P73P76P32P70P79P79P76P10P' | dc
'dc' is not recognized as an internal or external command,
operable program or batch file.
C:\Users\Ed>echo '82 43/25 43+65P80P82P73P76P32P70P79P79P76P10P'
'82 43/25 43+65P80P82P73P76P32P70P79P79P76P10P'
C:\Users\Ed>
Not on the version I run.
How did you do it?
Re: Porteus security hole
Posted: 02 Apr 2016, 12:25
by francois
You were fiooled!
Re: Porteus security hole
Posted: 02 Apr 2016, 19:03
by wread
April, April!