[667] in bugtraq
Re: Sol2.x Mouse EXPLOIT info - CORRECTION
daemon@ATHENA.MIT.EDU (Doug Siebert)
Wed Jan 18 20:00:07 1995
From: Doug Siebert <dsiebert@icaen.uiowa.edu>
To: barr@pop.psu.edu (David Barr)
Date: Wed, 18 Jan 1995 14:38:19 -0600 (CST)
Cc: bugtraq@fc.net
In-Reply-To: <199501181914.OAA07678@bosnia.pop.psu.edu> from "David Barr" at Jan 18, 95 02:14:32 pm
>
> In message <199501181524.KAA24318@ussenterprise.async.vt.edu>, Leo Bicknell wri
> tes:
> > Ok, I'll point out a few things. "#" is not a valid charactor
> >in a host name, and a good bind server will not return it. I was
> >unable to get my bind server to return a hostname with a # in it,
> >so even if someone hacked the bind server for your site it wouldn't
> >matter.
>
> I don't know of any BIND server which won't let you put in a "#" in
> a host name. I've done quite a bit of checking of DNS, and I've found
> quite arbitrary characters in people's DNS data. You can argue
> to the contrary, but that's beyond the scope of this list.
>
> > Another thing not considered, is that by default under Ultrix
> >all the network tty's are _unsecure_ meaning root cannot log in on
> >them no matter what .rhosts says. Unless you have changed this it
> >is absolutely not possible for this to be a problem.
>
> You mean except for "rsh ultrixhost rm -rf /"
>
> Remember, with /.rhosts, having unsecure ttys has no effect.
>
> --Dave
>
Or instead of rm -rf /, how about using sed to change those ttys to secure to
allow you a normal login?
--
Doug Siebert
dsiebert@isca.uiowa.edu
