[7339] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

screen problems

daemon@ATHENA.MIT.EDU (is it time?)
Tue Jul 21 17:18:36 1998

Date: 	Mon, 20 Jul 1998 20:30:05 -0500
Reply-To: is it time? <velocity@IONSYS.COM>
From: is it time? <velocity@IONSYS.COM>
To: BUGTRAQ@NETSPACE.ORG

This is a problem present in screen 3.7.4.  When a user uses ^A > in screen
to save whatever he has cut, the file /tmp/screen-exchange is created.  This
file contains whatever was in the cut buffer at the time.  This can be exploite
If a normal user links /tmp/screen-exchange to a sensetive file, such as
/etc/passwd, whenever root uses ^A > to save his buffer to file, whatever
file /tmp/screen-exchage is linked to, is overwritten.  This is bad.

vel0city
velocity@ionsys.com


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[7339] in bugtraq

screen problems

daemon@ATHENA.MIT.EDU (is it time?)Tue Jul 21 17:18:36 1998

daemon@ATHENA.MIT.EDU (is it time?)
Tue Jul 21 17:18:36 1998