Re: Solaris 2.6, 7, 8

Hi.


On Wed, Oct 02, 2002 at 12:00:38PM -0400, buzheng wrote:

> But, the remote setting of TTYPROMPT does matter. You cannot succeed in
> login without remotely changing the TTYPROMPT. This is also the bug
> mentioned in Jonathan's original letter (bid:5531).
 
Which is plain wrong. This may be true for the 64 times " c" method, but in
the generic case it does not matter.

The second bug in login, where login walks out of a 64 (char *) array can be
exploited remotely to gain root privileges even if you cannot login as root
legally and even if you do not touch TTYPROMPT at all.


> If you have applied patches for these 2 bugs, you are safe now.
 
And everybody should have done so since November 2001.


> -- 
> bu,zheng <buzheng2001@yahoo.com>
 
ciao,
Sebastian

-- 
-. scut@nb.in-berlin.de -. + http://segfault.net/~scut/ `--------------------.
-' segfault.net/~scut/pgp `' 5453 AC95 1E02 FDA7 50D2 A42D 427E 6DEF 745A 8E07
`- project grasp infiltrated, phantom works falling. hi echelon! ------------'
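
Added example, not part of the original message and not Solaris source code: a bounded tokenizer for the bug class described above, where a parser stores token pointers into a fixed array of 64 (char *) entries. The names split_args and count_tokens, the separator set and the sample input are assumptions made for illustration.

```c
#include <stdio.h>
#include <string.h>

#define MAX_ARGS 64   /* array size mentioned in the message */

/* Hypothetical helper: split `line` in place on spaces/tabs into argv[].
 * Returns the token count, or -1 if the input holds more than MAX_ARGS
 * tokens. Without this check the store below would write pointers past
 * the end of the array. */
int split_args(char *line, char *argv[MAX_ARGS])
{
    int n = 0;
    char *p = line;

    while (*p != '\0') {
        p += strspn(p, " \t");      /* skip separators */
        if (*p == '\0')
            break;
        if (n >= MAX_ARGS)          /* bound check BEFORE the store */
            return -1;
        argv[n++] = p;
        p += strcspn(p, " \t");     /* advance to end of token */
        if (*p != '\0')
            *p++ = '\0';            /* terminate the token */
    }
    return n;
}

/* Constructed input: `count` one-character tokens ("x x x ..."). */
int count_tokens(int count)
{
    char buf[512];
    char *argv[MAX_ARGS];
    size_t i, len = 0;

    for (i = 0; i < (size_t)count && len + 2 < sizeof buf; i++) {
        buf[len++] = 'x';
        buf[len++] = ' ';
    }
    buf[len] = '\0';
    return split_args(buf, argv);
}

int main(void)
{
    printf("64 tokens -> %d\n", count_tokens(64));
    printf("65 tokens -> %d\n", count_tokens(65));
    return 0;
}
```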
