From owner-freebsd-security Thu Sep 10 09:25:04 1998 Return-Path: Received: (from majordom@localhost) by hub.freebsd.org (8.8.8/8.8.8) id JAA28495 for freebsd-security-outgoing; Thu, 10 Sep 1998 09:25:04 -0700 (PDT) (envelope-from owner-freebsd-security@FreeBSD.ORG) Received: from ocean.campus.luth.se (ocean.campus.luth.se [130.240.194.116]) by hub.freebsd.org (8.8.8/8.8.8) with ESMTP id JAA28485 for ; Thu, 10 Sep 1998 09:25:00 -0700 (PDT) (envelope-from karpen@ocean.campus.luth.se) Received: (from karpen@localhost) by ocean.campus.luth.se (8.9.1/8.9.1) id SAA10499; Thu, 10 Sep 1998 18:18:41 +0200 (CEST) (envelope-from karpen) From: Mikael Karpberg Message-Id: <199809101618.SAA10499@ocean.campus.luth.se> Subject: Re: Err.. cat exploit.. (!) In-Reply-To: from Jay Tribick at "Sep 10, 98 12:07:05 pm" To: netadmin@fastnet.co.uk (Jay Tribick) Date: Thu, 10 Sep 1998 18:18:41 +0200 (CEST) Cc: freebsd-security@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL32 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-security@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org According to Jay Tribick: > bofh$ cat sendmail.st > `ay5habf33*`ma}`)`Jj]: Jsu-2.01$ xtermxterm > su: xtermxterm: command not found > bofh$ > > This seems quite scarey to me, couldn't someone embed 'rm -rf /' > within a text file and then, if root cats the file it nukes > their system? I'm not completely clear on what that is, but I've seen it also. What I _am_ completely clear about is that it's got nothing to do with cat, and instead everything to do with xterm. I guess it's some code sequence that comes up that makes xterm do something. Kinda like the code that sets the xterm title. /Mikael To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message