HP-UX login btmp Logging Failure Vulnerability

info
discussion
exploit
solution
references

HP-UX login btmp Logging Failure Vulnerability

The version of 'login' shipped with HP-UX 10.26 does not record unsuccessful login attempts in 'btmp'. The btmp file is used to record bad logins.

It may be possible for attackers to launch a brute force attack that is not noticed by administrators who rely on btmp.

The attempts may still be visible in other logs (such as syslog).