Bugtraq mailing list archives
Re: Securax Advisory 13
From: Fyodor <fygrave () SCORPIONS NET>
Date: Tue, 2 Jan 2001 14:19:13 -0500
no source code to audit. This document is subject to change without prior notice. I. Problem Description ----------------------- when someone telnets to a unix system, the tty that will be assigned to him will be writable for any user on the system. However, when he is logged in, his tty will not be writable for all users. So if someone would write data to a tty that is currently used by someone who's logging in, that person won't be able to log in.
Wrong, he will be. Having the tty w/w is not a good thing however, you could throw some junk on a user's screen which could mess-up terminal settings pretty badly. -F -- http://www.notlsd.net PGP fingerprint = 56DD 1511 DDDA 56D7 99C7 B288 5CE5 A713 0969 A4D1
Current thread:
- Securax Advisory 13 incubus (Jan 02)
- Re: Securax Advisory 13 Fyodor (Jan 02)
- Re: Securax Advisory 13 Michal Zalewski (Jan 02)
- Re: Securax Advisory 13 Arturo Busleiman (Jan 03)
- <Possible follow-ups>
- Re: Securax Advisory 13 teleh0r (Jan 03)
- Re: Securax Advisory 13 Jarno Huuskonen (Jan 03)