Date: Thu, 10 Sep 1998 09:44:38 -0700 (PDT)
From: patl@phoenix.volant.org
To: Jay Tribick <netadmin@fastnet.co.uk>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: Err.. cat exploit.. (!)
Message-ID: <ML-3.3.905445878.4582.patl@asimov>
In-Reply-To: <Pine.BSF.3.96.980910145120.408m-100000@bofh.fast.net.uk>

> It's not the fact that it was a binary that puzzled me but that
> it had managed to execute a command on the shell just by me
> cat'ing the file. Forgot to mention that it was in an xterm
> and doesn't affect Virtual Consoles.

It's primarily a matter of which escape and other control sequences the terminal (emulator) recognizes; although, I believe you can also get different results based on different terminal (stty) settings. A particularly fun one occurs when you have XON/XOFF enabled and the file contains a bunch of 0x13s.

You can also irritate your whole office by cat'ing a file with a few thousand 0x07 (BEL) chars. (Usually, they will be buffered up so that even quickly killing the cat won't stop the noise for a while. Or at least I think that is what happened...)

-Pat

To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
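
Added example, not part of the original e-mail: a small pre-display filter that counts the bytes the message names (0x13 XOFF, 0x07 BEL) plus ESC, the introducer for escape sequences, and renders a file in caret notation so no control byte reaches the terminal. The function names and the sample bytes are constructed for illustration; input is treated as raw bytes, so UTF-8 text will show its high bytes as hex.

```python
import sys
from collections import Counter

# Bytes the message singles out, plus ESC, which introduces escape sequences.
NAMED = {0x07: "BEL", 0x13: "XOFF (DC3)", 0x1B: "ESC"}
SAFE = {0x09, 0x0A}  # tab and newline are passed through unchanged


def audit(data: bytes) -> Counter:
    """Count control bytes that a terminal would act on rather than display."""
    counts = Counter()
    for b in data:
        if b in SAFE:
            continue
        if b < 0x20 or b == 0x7F:
            counts[NAMED.get(b, "other C0 control")] += 1
        elif 0x80 <= b <= 0x9F:
            counts["C1 control (8-bit)"] += 1
    return counts


def neutralize(data: bytes) -> str:
    """Render data so no control byte reaches the terminal (like cat -v)."""
    out = []
    for b in data:
        if b in SAFE or 0x20 <= b < 0x7F:
            out.append(chr(b))
        elif b < 0x20:
            out.append("^" + chr(b + 0x40))   # 0x1B -> ^[, 0x07 -> ^G
        elif b == 0x7F:
            out.append("^?")
        else:
            out.append("\\x%02x" % b)          # high bytes shown as hex
    return "".join(out)


# Constructed sample: two colour sequences, three BELs and one XOFF.
SAMPLE = b"log line\n\x1b[31mred\x1b[0m\x07\x07\x07\x13tail\n"

if __name__ == "__main__":
    data = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    for name, n in sorted(audit(data).items()):
        print("%6d  %s" % (n, name), file=sys.stderr)
    sys.stdout.write(neutralize(data))
```

Run with a file name to get the counts on stderr and the neutralized text on stdout; without arguments it processes the constructed sample.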