Bugtraq mailing list archives
Re: Regarding Mudge's OBP/FORTH root hack (PHRACK53)
From: spaf () CS PURDUE EDU (Gene Spafford)
Date: Sat, 11 Jul 1998 19:18:17 -0500
Well, not to detract from Mudge's reputation, but there were several exploits published in 90-92 dealing with dropping into the console monitor/debugger on Suns and poking at various things in memory. This is hardly new. This is also how you can steal Kerberos tickets and passwords, PGP keys, and other assorted goodies if you have physical access to a machine someone is using remotely. And this isn't new to anyone who ever poked around in memory on an old PDP machine, or an old DG or Prime box, or.... I'll let you draw your own conclusions from this story. I will note that there is a reason Sun monitors have those security settings, and why the documentation suggests setting them. --spaf
Current thread:
- Re: Linux kernel filesystem oddities, (continued)
- Re: Linux kernel filesystem oddities Jeffrey Hutzelman (Jul 09)
- dslip package David Kopstain (Jul 09)
- SLMail 3.0.2421 Stack Overflow... Aleph One (Jul 09)
- Re: SmurfLog 1.0 Solar Designer (Jul 06)
- Re: SmurfLog 1.0 Bug Lord (Jul 10)
- port 0 scanning Lamont Granquist (Jul 08)
- Re: port 0 scanning Lamont Granquist (Jul 09)
- Regarding Mudge's OBP/FORTH root hack (PHRACK53) Jericho Nunn (Jul 10)
- Re: Regarding Mudge's OBP/FORTH root hack (PHRACK53) John W. Temples (Jul 11)
- Re: Regarding Mudge's OBP/FORTH root hack (PHRACK53) Casper Dik (Jul 13)
- Re: Regarding Mudge's OBP/FORTH root hack (PHRACK53) Gene Spafford (Jul 11)
- Re: Regarding Mudge's OBP/FORTH root hack (PHRACK53) Mike Scher (Jul 11)
- Re: Regarding Mudge's OBP/FORTH root hack (PHRACK53) Casper Dik (Jul 13)
- [FWD] Attention: Please update your imapd Raj Singh (Jul 13)
- Re: port 0 scanning Lamont Granquist (Jul 09)
- Re: port 0 scanning Dagmar d'Surreal (Jul 10)