[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: rxvt exploit



On Sat, Jun 16, 2001 at 06:25:32AM -0800, Ethan Benson wrote:
> On Sat, Jun 16, 2001 at 10:14:52AM -0400, Ehsan (Shawn) Baseri wrote:
> > Just saw this, thought you guys might be interested.  Not sure how 
> > damaging the exploit is though.
> 
> you get gid=utmp, which lets you corrupt the utmp database.  overall
> not that big a deal but could cause some fair ammount of problems.  

 I think I saw someone say a while ago that getting write access to
utmp and/or wtmp was a bigger deal than it looked, because some other
programs trust the structure of the file, and you could potentially
exploit other programs through utmp.  This is especially important if
these other programs are being run by root.

-- 
#define X(x,y) x##y
Peter Cordes ;  e-mail: X(peter@llama.nslug. , ns.ca)

"The gods confound the man who first found out how to distinguish the hours!
 Confound him, too, who in this place set up a sundial, to cut and hack
 my day so wretchedly into small pieces!" -- Plautus, 200 BCE



Reply to: