Home page logo

bugtraq logo Bugtraq mailing list archives

Re: Securax Advisory 13
From: Fyodor <fygrave () SCORPIONS NET>
Date: Tue, 2 Jan 2001 14:19:13 -0500

      no  source  code  to audit.  This document is subject to change
      prior notice.

I.  Problem Description

when someone telnets to a unix system, the tty that will be assigned to him
will be writable for any user on the system. However, when he is logged in,
his tty will not be writable for all users. So if someone would write data
a tty that is currently used by someone who's logging in, that person won't
be able to log in.

Wrong, he will be. Having the tty w/w is not a good thing however, you
could throw some junk on a user's screen which could mess-up terminal
settings pretty badly.


PGP fingerprint = 56DD 1511 DDDA 56D7 99C7  B288 5CE5 A713 0969 A4D1

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]