Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1998_2

Bugtraq archives for 2nd quarter (Apr-Jun) 1998: talkd vulnerability in patched RH 5.0?

talkd vulnerability in patched RH 5.0?

Ken Williams (jkwilli2UNITY.NCSU.EDU)
Fri, 19 Jun 1998 08:31:53 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: franksun01.ccii.unipi.it: "Re: another remote pine vunerability"
Previous message: Pete Ashdown: "Solaris 2.5.1 patch not effective?"

hi,

while engaged in a talk session with a local user on an RH 5.0 box with
2.0.34 kernel that has all recommended patches, the user was able to
execute a command in my cwd.  he executed a '\rm *' command in another
xterm window and then inadvertently pasted the command into the xterm
running the talk session just as i '<ctrl>-C'ed' out of the talk session.
all of the files in my cwd were rm'ed.  i looked through all of my
.history files and could not find any command executed on my end.

btw, i checked the bugtraq archives and redhat.com, and read about the
long history of talkd vulnerabilities and security risks, but did not see
anything specifically about this event with patched RH 5.0.  sorry if this
post happens to be irrelevant or old news.

Ken Williams

VP of E.H.A.P. Corp.    http://www.ehap.org/  ehapehap.org, tattooehap.org
Packet Storm Security   http://www.Genocide2600.com/~tattooman/index.shtml
NC State Comp Sci Dept  http://www4.ncsu.edu/~jkwilli2/
PGP DSS & RSA Keys:     http://www.genocide2600.com/cgi-bin/finger?tattooman

Next message: franksun01.ccii.unipi.it: "Re: another remote pine vunerability"
Previous message: Pete Ashdown: "Solaris 2.5.1 patch not effective?"