Bugtraq mailing list archives
Re: Xterm bug
From: wam () staff cc purdue edu (William McVey)
Date: Wed, 17 Nov 1993 17:47:53 -0500
mike () netsys com wrote:
Is there any possible way the xterm bug can be exploited without being on a X terminal? mike () netsys com
Short answer ============ yes Long answer =========== All that is needed to exploit the bug is to be able to start a local invocation of xterm that is configured improperly. In order for xterm to start it needs a DISPLAY that it can access. You don't have to be at this display to get xterm to run. You just need permission to open windows on it. Since there are many sites that (unfortunately) don't run with authentication on their X servers, you could set your display to be one of these remote sites, give the command line previously mentioned, and be on your way. -- William McVey
Current thread:
- Xterm bug Mike (Nov 17)
- Re: Xterm bug William McVey (Nov 17)