ciac-03.decwindows-ultrix
133044cae72b4d0d61a6e7eb4ccd8f10f4b0f0000e0d2ca0d980b4d2826ae06e
____________________________________________________________________________
THE COMPUTER INCIDENT ADVISORY CAPABILITY
CIAC
INFORMATION BULLETIN
____________________________________________________________________________
April 14, 1989
The Computer Incident Advisory Capability (CIAC) has learned of a
vulnerability in DECWindows running under ULTRIX. There is a
pseudofile, /dev/mem, which contains passwords. Passwords can be
compromised if someone accesses this pseudofile. CIAC will advise
you of a workaround or fix when either becomes available.
Gene Schultz
CIAC Manager
Lawrence Livermore National Laboratory
P.O. Box 808, L-195
Livermore, CA 94550
(415) 422-8193 or (FTS) 532-8193
gschultz%nsspa@icdc.llnl.gov