[6603] in bugtraq
pine/pico vt control characters bug [2]
daemon@ATHENA.MIT.EDU (Michal Zalewski)
Sat Apr 25 15:08:13 1998
Date: Sat, 25 Apr 1998 19:05:41 +0200
Reply-To: Michal Zalewski <lcamtuf@BOSS.STASZIC.WAW.PL>
From: Michal Zalewski <lcamtuf@BOSS.STASZIC.WAW.PL>
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.LNX.3.96.980425141009.4550A-100000@genome>
/* back to the 0x9B char */
Just as an addendum - risk of '0x9B bug' depends mainly on terminal
capabilities - while 'dumb' terminals are mostly safe (maybe except DoS
attacks, destruction of display, etc) - smarter ones are vunerable to
things like parsing arbitrary strings as typed from keyboard, changing
terminal options, writing files and executing arbitrary code (see
'capabilities' section on termcap manpage, then termcap entry for your
terminal type). Most of them, if implemented, are available via 0x9B
control character.
_______________________________________________________________________
Michal Zalewski [lcamtuf@boss.staszic.waw.pl] <= finger for pub PGP key
Iterowac jest rzecza ludzka, wykonywac rekursywnie - boska [P. Deutsch]
[echo "\$0&\$0">_;chmod +x _;./_] <=------=> [tel +48 (0) 22 813 25 86]
