Date: Thu, 10 Sep 1998 21:36:56 +0200
From: Mark Murray <mark@grondar.za>
To: ben@rosengart.com
Cc: Jay Tribick <netadmin@fastnet.co.uk>, security@FreeBSD.ORG
Subject: Re: cat exploit
Message-ID: <199809101937.VAA20286@gratis.grondar.za>
In-Reply-To: Your message of " Thu, 10 Sep 1998 13:44:03 -0400." <Pine.GSO.4.02.9809101342480.6345-100000@echonyc.com>
References: <Pine.GSO.4.02.9809101342480.6345-100000@echonyc.com>
Snob Art Genre wrote:
> 1) No, you use less.

... or view(1) or more(1) or.... NOT cat(1).

> 2) So you've figured out how to execute arbitrary commands from this?
> I'm not saying that's not possible, but so far the only thing this
> "bug" does is output the name of xterm.

Most modern terminals (and emulators) can be programmed to do weird
things. Weird things such as "when your user types key <foo>, send
sequence <bar>" for various definitions of <foo> and <bar>.

This used to be an attack at universities-with-mainframes when
students actually read manuals.

Login: me
Password:
$
Message from badguy:
'elgj' qerjgp'adl'glkJSFL'Kdfjmf'sd;lkf;sdf
<screen clears>
$ logout (response to "w" from user).

M
--
Mark Murray
Join the anti-SPAM movement: http://www.cauce.org
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?199809101937.VAA20286>
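
The message above turns on the terminal acting on control sequences embedded in text it is asked to display. The following is an added example, not part of the original message: it lists the control sequences found in untrusted text and renders them in caret notation, as cat -v or a pager would, so the terminal never receives them. The sample text and all function names are constructed for illustration.

```python
import re

# Sequence families a terminal acts on instead of displaying (ECMA-48 framing).
PATTERNS = [
    ("CSI", r"\x1b\[[0-?]*[ -/]*[@-~]"),            # cursor and screen control
    ("OSC", r"\x1b\][^\x07\x1b]*(?:\x07|\x1b\\)?"),  # titles, terminal settings
    ("DCS", r"\x1b[PX^_][^\x1b]*(?:\x1b\\)?"),       # device control strings
    ("ESC", r"\x1b[ -/]*[0-~]"),                     # other short escapes
    ("CTRL", r"[\x00-\x08\x0b-\x1f\x7f-\x9f]"),      # bare control characters
]
SEQ_RE = re.compile("|".join(f"(?P<{k}>{p})" for k, p in PATTERNS))

def visible(text):
    """Caret notation as in cat -v: control characters become printable."""
    out = []
    for ch in text:
        c = ord(ch)
        if ch in "\t\n" or 0x20 <= c < 0x7f or c > 0x9f:
            out.append(ch)                    # ordinary text, tab, newline
        elif c < 0x20:
            out.append("^" + chr(c ^ 0x40))   # ESC becomes ^[, BEL becomes ^G
        elif c == 0x7f:
            out.append("^?")
        else:
            out.append(f"<U+{c:04X}>")        # 8-bit C1 controls
    return "".join(out)

def scan(text):
    """Return (offset, family, visible form) for each control sequence."""
    return [(m.start(), m.lastgroup, visible(m.group()))
            for m in SEQ_RE.finditer(text)]

# Constructed sample: a "message" carrying a screen clear, a title change and
# a device control string with a placeholder body (unterminated strings are
# matched up to the next ESC or end of input).
SAMPLE = ("Message from badguy:\n"
          "\x1b[2J\x1b]0;title\x07\x1bPplaceholder\x1b\\done\n")

if __name__ == "__main__":
    for offset, family, shown in scan(SAMPLE):
        print(f"{offset:4d}  {family:4s}  {shown}")
    print(visible(SAMPLE), end="")
```

A non-empty result from scan() on a file or message is the signal to view it through visible() or a pager rather than writing it raw to the terminal.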