Re: GIF for KDE

To: debian-user@lists.debian.org
Subject: Re: GIF for KDE
From: Dima <dima@eris.dev.null>
Date: Thu, 08 May 1997 02:30:43 +0800
Message-id: <"SQQb52.0.mQ6.dOESp"@debian>
Reply-to: emaziuk@curtin.edu.au
In-reply-to: Your message of "Tue, 06 May 1997 20:11:50 -0400." <19970506201150.41368@kite.ml.org>

You wrote:
>Rick Jones:
>> 
>> Yes.  I saw the posting to the kde list by Alan Cox, I believe it was.  I
>> wonder if you, or another Debianite, could tell me just how easy it would
>> be to attach to a tcp port and send/recv commands to take advantage of
>> that security hole?  I know a programmer would have no trouble exploiting
>> this.  What about the common Joe?
>
>All it takes is one cracker who writes an exploit script for it. I have no
>idea how easy it is to do, though Alan gave the impression it was trival..

It's in any book on unix network programming (in Stevens it's in chapter 6.)
I'm not familiar with KDE but I suspect it'll crash if you simply stuff enough
random bytes in the socket (see ch. 6.6 op. cit. for code.)  You'd need to look
at KDE sources if you wanted to do something nastier.

However, as Rick says, all it takes is one cracker.

--
Dimitri

--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-user-request@lists.debian.org . 
Trouble?  e-mail to templin@bucknell.edu .

Reply to:

Follow-Ups:
- Re: GIF for KDE
  - From: Dima <dima@eris.dev.null>

References:
- Re: GIF for KDE
  - From: Joey Hess <joey@kite.ml.org>

Prev by Date: Re: Matrox Millenium
Next by Date: Re: Backspace in rxvt
Previous by thread: Re: GIF for KDE
Next by thread: Re: GIF for KDE
Index(es):
- Date
- Thread