Bugtraq mailing list archives

Re: Sol2.x Mouse EXPLOIT info - CORRECTION

From: dsiebert () icaen uiowa edu (Doug Siebert)
Date: Wed, 18 Jan 1995 14:38:19 -0600 (CST)


In message <199501181524.KAA24318 () ussenterprise async vt edu>, Leo Bicknell wri
tes:

    Ok, I'll point out a few things.  "#" is not a valid charactor
in a host name, and a good bind server will not return it.  I was
unable to get my bind server to return a hostname with a # in it,
so even if someone hacked the bind server for your site it wouldn't
matter.


I don't know of any BIND server which won't let you put in a "#" in
a host name.  I've done quite a bit of checking of DNS, and I've found
quite arbitrary characters in people's DNS data.  You can argue
to the contrary, but that's beyond the scope of this list.

    Another thing not considered, is that by default under Ultrix
all the network tty's are _unsecure_ meaning root cannot log in on
them no matter what .rhosts says.  Unless you have changed this it
is absolutely not possible for this to be a problem.


You mean except for "rsh ultrixhost rm -rf /"

Remember, with /.rhosts, having unsecure ttys has no effect.

--Dave




Or instead of rm -rf /, how about using sed to change those ttys to secure to
allow you a normal login?


-- 
Doug Siebert
dsiebert () isca uiowa edu

Current thread:

Re: Sol2.x Mouse EXPLOIT info - CORRECTION Leo Bicknell (Jan 18)
- Re: Sol2.x Mouse EXPLOIT info - CORRECTION David Barr (Jan 18)
  - Re: Sol2.x Mouse EXPLOIT info - CORRECTION Doug Siebert (Jan 18)
    - Re: Sol2.x Mouse EXPLOIT info - CORRECTION Timothy Newsham (Jan 19)
    - O/S holes Matthew Harding (Jan 19)
- Attach on DES paper??? Robert Moskowitz (Jan 18)
  - Re: Attach on DES paper??? Perry E. Metzger (Jan 19)
  - Re: Attach on DES paper??? Alexander Haiut (Jan 19)
- Re: Sol2.x Mouse EXPLOIT info - CORRECTION Timothy Newsham (Jan 19)