Vulnerability Development mailing list archives

Re: terminal weirdness?

From: Matt Zimmerman <mdz () CSH RIT EDU>
Date: Sat, 10 Mar 2001 03:20:52 -0500

On Fri, Mar 09, 2001 at 12:22:29AM -0600, Curt Wilson wrote:

I recall a while back there was an ADM tool, a local exploit, that
used escape sequences to create dangerous command lines that got passed into
your shell -  for instance adding passwords, + + to .rhosts, and the like that
would execute with the security privs of the current user.


Back in the DOS days, it was possible to do this sort of thing using ANSI
escape sequences.  These are powerful enough to do really nasty things like
assign macros (arbitrary strings) to keystrokes.  I don't know who imagined
that to be a good place to implement that kind of functionality.

--
 - mdz

Current thread:

Re: terminal weirdness?, (continued)
- - - Re: terminal weirdness? Crispin Cowan (Mar 09)
    - Re: terminal weirdness? Allen J. Newton (Mar 09)
    - Re: terminal weirdness? Ron DuFresne (Mar 10)
    - Re: terminal weirdness? Allen J. Newton (Mar 11)
    - Re: terminal weirdness? Matt Zimmerman (Mar 10)
  - Re: terminal weirdness? Ron DuFresne (Mar 08)
    - Re: terminal weirdness? Matt Zimmerman (Mar 08)
- Re: terminal weirdness? Vincent Zweije (Mar 08)
  - Re: terminal weirdness? Curt Wilson (Mar 09)
    - Re: terminal weirdness? Damian Menscher (Mar 09)
    - Re: terminal weirdness? Matt Zimmerman (Mar 10)
    - Re: terminal weirdness? Systems Administrator (Mar 10)
    - Re: terminal weirdness? Matt Zimmerman (Mar 10)