Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1994_3

Bugtraq archives for 3rd quarter (Jul-Sep) 1994: Re: Sending escape sequences to xterms via wall/talk

Re: Sending escape sequences to xterms via wall/talk

Evil Pete (shipleymerde.dis.org)
Thu, 21 Jul 1994 18:04:39 -0700

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Rob Quinn: "setuid root programs and core dumps"
Previous message: Paul A Vixie: "yes, there's another hole in BIND"
In reply to: Paul Daw: "Re: Sending escape sequences to xterms via wall/talk"
Next in thread: Christopher A. Stewart: "Re: Sending escape sequences to xterms via wall/talk"

>
>This makes sense if you think about it.  Suppose I was running /bin/passwd,
>I had just entered in my password, and then passwd core dumped for some
>reason.  The core image would have my clear text password stored in it.

Worse yet, a entire buffer or more from the shadow password file 
may be extracted from the core, thus allowing you to circumvent
the "security" of the shadow passwd system


		-Pete

Next message: Rob Quinn: "setuid root programs and core dumps"
Previous message: Paul A Vixie: "yes, there's another hole in BIND"
In reply to: Paul Daw: "Re: Sending escape sequences to xterms via wall/talk"
Next in thread: Christopher A. Stewart: "Re: Sending escape sequences to xterms via wall/talk"