Bugtraq mailing list archives
Re: ISS Internet Scanner Brute Force Bug
From: dleblanc () MINDSPRING COM (David LeBlanc)
Date: Fri, 19 Feb 1999 09:52:20 -0500
At 10:18 AM 2/19/99 -0000, Stephen Bishop wrote:
David,
I'd suggest that you use vi, notepad, or some reasonable text editor in the meantime. Just what text editor are you using?
At the risk of getting off the subject, I've come across many situations
where
having the last line in a file without a line terminator has caused problems, so I think software should always be written to handle this situation. And even Emacs (which, otherwise, solves all life's problems) allows me to create a file with no line terminator at the end.
I agree. I thought the same thing when I fixed this a long time ago. I looked at the code last night, and it looks like it is handling this situation just fine. Since the bug does appear to be in recent builds (somehow), the work-around would be to place either a blank line or a comment (start the line with #) as the last line. Or simply hit the enter key at the end of each line. My version of vi does not allow this, hmmm - checking a few others... Here's what I've found: Terminates all lines: vi (Congruent GNU port from ftp.cc.utexas - actually elvis) Word Wordpad edit edlin (and adds a ^Z) Does NOT terminate: notepad copy con [file] VC++ text editor <joke> Moral of story - always use vi, and life is good 8-) BTW, as a pre-emptive strike against this one, there _is_ a bug in the NT scanner where we're not handling LF-delimited files properly. If you happen to have created your user-password pairs under UNIX, run tr on the file before using it in the scanner. Alternately, open it in Word and save it back out. Notepad will NOT help - it doesn't deal with LF-delimited files correctly either. NT's version of perl also makes this easy - running the following script does it: while(<>){print;} David LeBlanc dleblanc () mindspring com
Current thread:
- ISS Internet Scanner Brute Force Bug alexander tampermeier (Feb 17)
- Re: ISS Internet Scanner Brute Force Bug David LeBlanc (Feb 18)
- ISS forum Christopher Klaus (Feb 18)
- L0pht Security Advisory: Windows NT Dildog (Feb 18)
- <Possible follow-ups>
- Re: ISS Internet Scanner Brute Force Bug David LeBlanc (Feb 19)