Bugtraq mailing list archives
Re: Sending escape sequences to xterms via wall/talk
From: shipley () merde dis org (Evil Pete)
Date: Thu, 21 Jul 1994 18:04:39 -0700
This makes sense if you think about it. Suppose I was running /bin/passwd, I had just entered in my password, and then passwd core dumped for some reason. The core image would have my clear text password stored in it.
Worse yet, a entire buffer or more from the shadow password file
may be extracted from the core, thus allowing you to circumvent
the "security" of the shadow passwd system
-Pete
Current thread:
- Wall and talkd pass binary data, (continued)
- Wall and talkd pass binary data Rob Quinn (Jul 19)
- Flash/talkd Patrick Mcdowell (Jul 20)
- Re: Flash/talkd Eric Wedaa (Jul 20)
- Re: Wall and talkd pass binary data a.e.mossberg (Jul 20)
- Flash/talkd Patrick Mcdowell (Jul 20)
- Re: Wall and talkd pass binary data Martin Sean Bennet - Sun UK - CSG Engineer (Jul 20)
- Re: Sending escape sequences to xterms via wall/talk Mike Raffety (Jul 20)
- Re: Sending escape sequences to xterms via wall/talk Christopher A. Stewart (Jul 20)
- Re: Sending escape sequences to xterms via wall/talk Andrew Beckett (Jul 21)
- setuid root programs and core dumps Rob Quinn (Jul 21)
- Re: Sending escape sequences to xterms via wall/talk Paul Daw (Jul 21)
- Re: Sending escape sequences to xterms via wall/talk Evil Pete (Jul 21)
- Re: Sending escape sequences to xterms via wall/talk Christopher A. Stewart (Jul 21)
- Re: Sending escape sequences to xterms via wall/talk pluvius (Jul 22)
- Re: Sending escape sequences to xterms via wall/talk Mike Raffety (Jul 20)
- Wall and talkd pass binary data Rob Quinn (Jul 19)
- Is starting a user program on priv port via inetd dangerous ? Doug McLaren (Jul 21)
- Re: Is starting a user program on priv port via inetd dangerous ? Eric Murray (Jul 21)
- Re: Is starting a user program on priv port via inetd dangerous ? matthew green (Jul 21)
- Re: Is starting a user program on priv port via inetd dangerous ? Darren Reed (Jul 22)
- Re: Is starting a user program on priv port via inetd dangerous ? jmc () gnu ai mit edu (Jul 22)
- yes, there's another hole in BIND Paul A Vixie (Jul 21)
- Re: yes, there's another hole in BIND Resident Hacker (Jul 22)
- Re: yes, there's another hole in BIND Paul A Vixie (Jul 22)