Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1994_3

Bugtraq archives for 3rd quarter (Jul-Sep) 1994: Re: IRIX 5.2 Security Advisory

Re: IRIX 5.2 Security Advisory

Jim Littlefield (littleragnarok.hks.com)
Tue, 9 Aug 1994 16:57:11 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Marc W. Mengel: "Re: IRIX 5.2 Security Advisory"
Previous message: maxgac.edu: "Re: IRIX 5.2 Security Advisory"

On Aug 9, 11:03am, Dave Sill wrote:
: Steve Kotsopoulos wrote:
: >
: >: There is no way to know if someone has exploited the bug. It's such
: >: a quiet little hole that it doesn't leave a mark anywhere. You don't
: >: even have to logon to exploit it. That's how bad it is.
:
: Wait a minute, they said the bug could be exploited without logging in?

Seems possible. The xdm login window has a "Help" button. I assume that the
hole is accessed via the help window.

-- 

Jim Littlefield  <littlehks.com>      I prefer caffeine free, clear, diet Jolt.

Next message: Marc W. Mengel: "Re: IRIX 5.2 Security Advisory"
Previous message: maxgac.edu: "Re: IRIX 5.2 Security Advisory"