Bugtraq mailing list archives

Re: IRIX 5.2 Security Advisory

From: little () ragnarok hks com (Jim Littlefield)
Date: Tue, 9 Aug 1994 16:57:11 -0400


On Aug 9, 11:03am, Dave Sill wrote:
: Steve Kotsopoulos wrote:
: >
: >: There is no way to know if someone has exploited the bug. It's such
: >: a quiet little hole that it doesn't leave a mark anywhere. You don't
: >: even have to logon to exploit it. That's how bad it is.
:
: Wait a minute, they said the bug could be exploited without logging in?

Seems possible. The xdm login window has a "Help" button. I assume that the
hole is accessed via the help window.

-- 

Jim Littlefield  <little () hks com>      I prefer caffeine free, clear, diet Jolt.

Current thread:

IRIX 5.2 Security Advisory Steve Kotsopoulos (Aug 09)
- Re: IRIX 5.2 Security Advisory Dave Sill (Aug 09)
- Re: IRIX 5.2 Security Advisory max () gac edu (Aug 09)
- Re: IRIX 5.2 Security Advisory Marc W. Mengel (Aug 09)
- <Possible follow-ups>
- Re: IRIX 5.2 Security Advisory Jim Littlefield (Aug 09)
- Re: IRIX 5.2 Security Advisory Karyn Pichnarczyk (Aug 09)
  - Re: IRIX 5.2 Security Advisory Perry E. Metzger (Aug 10)
- Re: IRIX 5.2 Security Advisory Bob Vickers (Aug 10)