Message-Id: <199809101746.KAA15836@pompeii.jpl.nasa.gov>
To: freebsd-security@FreeBSD.ORG
Subject: Re: Err.. cat exploit.. (!)
In-reply-to: Your message of "Thu, 10 Sep 1998 11:10:22 EDT." <199809101510.LAA08830@khavrinen.lcs.mit.edu>
Date: Thu, 10 Sep 1998 10:46:07 -0700
From: Darren Mutz
Sender: owner-freebsd-security@FreeBSD.ORG

>< said:
>
>>> bofh$ cat sendmail.st
>>> `ay5habf33*`ma}`)`Jj]: Jsu-2.01$ xtermxterm
>>> su: xtermxterm: command not found
>>> bofh$
>
>> I've noticed this also. Catting some binaries (by accident of course)
>> seems to interact with the terminal badly!! This is on an 'rxvt' running
>> bash.
>
>That's why you should normally use `more' or `less'.

IMHO, that's not the real fix here -- what's potentially of more
interest is the fact that writing some sequence of characters to
rxvt can confuse it to the extent that it will execute another
string you write to it. This problem seems to imply that anyone
with write access to your terminal can execute commands as you.

--
Darren Mutz
darren.mutz@jpl.nasa.gov
My opinions, not JPL's.
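An added example, not part of the original thread: one way to view an untrusted file without letting the terminal emulator interpret any control bytes in it, using the same caret and M- notation as `cat -v`. The function names and the sample bytes are constructed for illustration.

```python
import sys

# Passed through unchanged: tab, newline, printable ASCII (0x20-0x7E).
PASS = {0x09, 0x0A} | set(range(0x20, 0x7F))

def _caret(b: int) -> str:
    """Visible form of a 7-bit byte: ESC -> ^[, ENQ -> ^E, DEL -> ^?."""
    if 0x20 <= b < 0x7F:
        return chr(b)
    return "^?" if b == 0x7F else "^" + chr(b + 0x40)

def neutralize(data: bytes) -> str:
    """Render data so the terminal never receives a raw control byte.

    High bytes are written as M-<7-bit form>; this matters because
    0x80-0x9F are 8-bit C1 controls (0x9B is the one-byte CSI).
    """
    out = []
    for b in data:
        if b in PASS:
            out.append(chr(b))
        elif b < 0x80:
            out.append(_caret(b))
        else:
            out.append("M-" + _caret(b - 0x80))
    return "".join(out)

def control_offsets(data: bytes):
    """(offset, byte) for every C0, DEL or C1 byte a terminal could act on."""
    return [(i, b) for i, b in enumerate(data)
            if b not in PASS and (b < 0x20 or 0x7F <= b < 0xA0)]

# Constructed sample: text containing ESC, ENQ and an 8-bit CSI byte.
SAMPLE = b"hdr\x1b[1mbold\x05\x9bend\n"

if __name__ == "__main__":
    raw = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else SAMPLE
    hits = control_offsets(raw)
    if hits:
        print(f"{len(hits)} control byte(s), first at offset {hits[0][0]}",
              file=sys.stderr)
    sys.stdout.write(neutralize(raw))
```

This only protects output that passes through the filter; anything else that can write to the tty still reaches the emulator unfiltered, which is the concern raised in the message above.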