Bugtraq mailing list archives
Re: pam_console bug
From: lcamtuf () DIONE IDS PL (Michal Zalewski)
Date: Thu, 4 May 2000 09:51:54 +0200
On Thu, 4 May 2000, Benjamin Smee wrote:
As a NORMAL user this would load the keymap for ALL consoles. Initially I didnt think it was anything new as in the man page I found: [...]
Uh, problem is even worse, I decided not to post it... tty users may for example do PIO_CMAP ioctl, rendering all consoles unusable. Many dangerous ioctls() are available for users simply having open fd to /dev/ttyX, fortunately you might call ioctl() only when you're logged on console, logout causes hang up of the tty device. To do it again, you must log locally one more time. _______________________________________________________ Michal Zalewski [lcamtuf () tpi pl] [tp.internet/security] [http://lcamtuf.na.export.pl] <=--=> bash$ :(){ :|:&};: =-----=> God is real, unless declared integer. <=-----=
Current thread:
- Wemilo cassius () HUSHMAIL COM (Apr 30)
- pam_console bug Michal Zalewski (May 02)
- Re: pam_console bug Benjamin Smee (May 03)
- Re: pam_console bug Michal Zalewski (May 04)
- Re: pam_console bug Benjamin Smee (May 03)
- Re: Wemilo daedalus (May 02)
- Possible issue with Cisco on-line help? Fernando Montenegro (May 02)
- Re: Possible issue with Cisco on-line help? Fernando Montenegro (May 04)
- Re: Possible issue with Cisco on-line help? Lisa Napier (May 09)
- Re: Possible issue with Cisco on-line help? Fernando Montenegro (May 04)
- 4ward:It's a blue world! deepquest () NETSCAPE NET (May 02)
- Denial of service attack against tcpdump bretonh () PARANOIA PGCI CA (May 02)
- Re: Denial of service attack against tcpdump antirez (May 03)
- Re: Denial of service attack against tcpdump Sebastian (May 03)
- Re: Denial of service attack against tcpdump Dragos Ruiu (May 03)
- Re: Denial of service attack against tcpdump Gerald Combs (May 03)
(Thread continues...)
- pam_console bug Michal Zalewski (May 02)