Original issue date: May 7, 1990<BR>
Last revised: September 17, 1997<BR>
Attached Copyright Statement

<P>A complete revision history is at the end of this file.

<P>The CERT/CC has recently verified several reports of unauthorized access 
to Internet-connected Unisys systems.  The intruder(s) gained access to 
these systems by logging into vendor-supplied default accounts that had 
not been given passwords by the systems' owners.  

<P>Gary Garb, Corporate Computer Security Officer for Unisys Corporation, 
states: 

<P>"The Unisys U5000 series UNIX systems are delivered with a number of
system logins.  The logins are NOT password protected when the
customer receives the system.  Unless the customer secures these logins,
the system is vulnerable to unauthorized access."

<P>"A complete list of these logins can be found in the /etc/passwd file.
Each login is described by one record in /etc/passwd which contains a 
number of fields separated by colons.  The second field normally would
contain the encrypted password.  The system logins will initially have
a null second field (indicated by two adjacent colons) in their descriptive
records in /etc/passwd."

<P>"The U5000/80/85/90/95 System V Administration Guide, Volume 1 (UP13679)
begins with a chapter on "System Identification and Security".  On page 1-2
it states, "All logins should have passwords ... Logins that are not needed
should be either removed (by deleting from /etc/passwd) or blocked (by 
locking the login as described in the section "Locking Unused Logins" on
page 1-8).  The Guide contains complete instructions on controlling logins
and passwords."

<P>"It is the user's (system administrator's) responsibility to thoroughly
read the Guide and to ensure the security of the system.  *Securing the 
login entries should be of the highest priority and should be accomplished
before anyone else has access to the system.*"

<P>The CERT/CC urges administrators of Unisys systems, as well as administrators 
of systems provided by other vendors, to check their systems and ensure that all 
accounts are protected by passwords that are different from the 
default passwords provided by the vendor. 
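
<P>The check described above (a null second field in /etc/passwd), as an added example that is not part of the original advisory or of the Unisys documentation. The function names and the sample records are constructed for illustration; the script assumes the seven-field, colon-separated /etc/passwd layout.

```sh
#!/bin/sh
# Added example: report logins whose password field (field 2) is null.

# Constructed sample records in /etc/passwd layout; names and the hash
# placeholder are illustrative only.
sample_passwd() {
    cat <<'EOF'
root:PLACEHOLDERHASH:0:0:Super User:/:/bin/sh
svcadmin::0:0:Administration:/usr/admin:/bin/sh
daemon:*:1:1:Daemon:/:
uucp::5:5:UUCP:/usr/lib/uucp:/usr/lib/uucp/uucico
guest::100:100:Guest:/usr/guest:
broken:line
EOF
}

# audit_null_passwords FILE   ("-" reads stdin, default /etc/passwd)
# Prints one line per finding; exit status is 1 if anything was reported.
audit_null_passwords() {
    awk -F: '
        /^#/ || /^[ \t]*$/ { next }           # skip comments and blank lines
        NF < 7 {                              # not a 7-field passwd record
            printf "MALFORMED line %d\n", NR; bad = 1; next
        }
        $2 == "" {                            # two adjacent colons: no password
            printf "%s uid=%s shell=%s%s\n", $1, $3,
                ($7 == "" ? "(default)" : $7),
                ($3 == 0 ? " PRIVILEGED" : "") # uid 0 is full administrative access
            found = 1
        }
        END { exit (found || bad) }
    ' "${1:-/etc/passwd}"
}

# Run against the constructed sample; swap "-" for a real file to audit it.
sample_passwd | audit_null_passwords - || echo "action needed: set a password or lock/remove the login"
```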

<P>Questions regarding the security aspects of Unisys systems should be directed 
to:

<P>Gary Garb, Corporate Security Officer<BR>
   Unisys Corporation<BR>
(215) 986-4038

<P><HR>

<P>Copyright 1990 Carnegie Mellon University.</P>

<HR>

Revision History
<PRE>
September 17, 1997  Attached Copyright Statement
</PRE>