[11238] in bugtraq
midnight commander vulnerability(?) (fwd)
daemon@ATHENA.MIT.EDU (coda)
Tue Aug 3 13:17:59 1999
Mime-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Message-Id: <Pine.BSO.4.10.9908011939270.28846-100000@cc.cyber.pl>
Date: Sun, 1 Aug 1999 19:39:39 +0000
Reply-To: coda <coda@CYBER.PL>
From: coda <coda@CYBER.PL>
X-To: bugtraq@securityfocus.com
To: BUGTRAQ@SECURITYFOCUS.COM
<eot>
---------- Forwarded message ----------
Date: Sun, 1 Aug 1999 00:51:00 +0000 (GMT)
From: coda <coda@cyber.pl>
To: bugtraq@security.com
Subject: midnight commander vulnerability(?)
privileges of $HOME/.mc/ are default rwx-rx--rx-
if anyone has used built in mc ftp-client and has put link like:
password:user@some.host, in file
history in foledr $HOME/.mc/ is stored in a key in '[inp FTP to machine ]'
tree.
<eot>
coda
