Bugtraq mailing list archives
Re: Troff dangerous.
From: smb () RESEARCH ATT COM (Steven M. Bellovin)
Date: Mon, 26 Jul 1999 15:28:39 -0400
In message <199907251418.KAA05569 () loverso southborough ma us>, John Robert LoVe rso writes:
This isn't a problem with "troff" or any of it's varients. Instead, this is an exploit purely with "groff", the GNU reimplementation. Troff doesn't have the file stream or ".pso" requests; those are purely part of groff. Thus, this affects only systems with groff installed (all Linux and FreeBSD systems, at least). John
Umm, not quite. My 1976 (no, that's not a typo) nroff/troff manual has .pi -- pipe output to program; .sy is also ancient, and probably there since at least since 1977. My 1981 addendum also lists .! as another way to do shell escapes.
Current thread:
- Re: Troff dangerous., (continued)
- Re: Troff dangerous. Joel Eriksson (Jul 25)
- Re: Troff dangerous. Pete (Jul 25)
- Re: Troff dangerous. Robert Watson (Jul 27)
- Re: Troff dangerous. Yozo Toda (Jul 25)
- Re: Troff dangerous. Eric Moore (Jul 25)
- Re: Troff dangerous. Ville Nummela (Jul 27)
- Re: Troff dangerous. Pete (Jul 25)
- Re: Troff dangerous. Jason Thorpe (Jul 25)
- Retrieving RDS Data... Wanderley J. Abreu Jr (Jul 26)
- Re: Troff dangerous. Bob Beck (Jul 26)
- Re: Troff dangerous. Ronny Cook (Jul 25)
- Re: Troff dangerous. Steven M. Bellovin (Jul 26)
- Re: Troff dangerous. Groovy Pants Gus (Jul 26)
- Re: Troff dangerous. Joel Eriksson (Jul 25)