|
Bugtraq
mailing list archives
Re: Xterm bug
From: wam () staff cc purdue edu (William McVey)
Date: Wed, 17 Nov 1993 17:47:53 -0500
mike () netsys com wrote:
Is there any possible way the xterm bug can be exploited without
being on a X terminal?
mike () netsys com
Short answer
============
yes
Long answer
===========
All that is needed to exploit the bug is to be able to start a local
invocation of xterm that is configured improperly. In order for xterm
to start it needs a DISPLAY that it can access. You don't have to be
at this display to get xterm to run. You just need permission to open
windows on it. Since there are many sites that (unfortunately) don't
run with authentication on their X servers, you could set your display
to be one of these remote sites, give the command line previously
mentioned, and be on your way.
-- William McVey
 By Date 
By Thread
Current thread:
- Xterm bug Mike (Nov 17)
- Re: Xterm bug William McVey (Nov 17)
| 
Intro
