Vulnerability Development mailing list archives
Re: terminal weirdness?
From: Matt Zimmerman <mdz () CSH RIT EDU>
Date: Sat, 10 Mar 2001 03:20:52 -0500
On Fri, Mar 09, 2001 at 12:22:29AM -0600, Curt Wilson wrote:
I recall a while back there was an ADM tool, a local exploit, that used escape sequences to create dangerous command lines that got passed into your shell - for instance adding passwords, + + to .rhosts, and the like that would execute with the security privs of the current user.
Back in the DOS days, it was possible to do this sort of thing using ANSI escape sequences. These are powerful enough to do really nasty things like assign macros (arbitrary strings) to keystrokes. I don't know who imagined that to be a good place to implement that kind of functionality. -- - mdz
Current thread:
- Re: terminal weirdness?, (continued)
- Re: terminal weirdness? Crispin Cowan (Mar 09)
- Re: terminal weirdness? Allen J. Newton (Mar 09)
- Re: terminal weirdness? Ron DuFresne (Mar 10)
- Re: terminal weirdness? Allen J. Newton (Mar 11)
- Re: terminal weirdness? Matt Zimmerman (Mar 10)
- Re: terminal weirdness? Ron DuFresne (Mar 08)
- Re: terminal weirdness? Matt Zimmerman (Mar 08)
- Re: terminal weirdness? Curt Wilson (Mar 09)
- Re: terminal weirdness? Damian Menscher (Mar 09)
- Re: terminal weirdness? Matt Zimmerman (Mar 10)
- Re: terminal weirdness? Systems Administrator (Mar 10)
- Re: terminal weirdness? Matt Zimmerman (Mar 10)