Re: Security hole in cfingerd 1.4.2

Subject: Re: Security hole in cfingerd 1.4.2
From: Pete (pete@home.com)
Date: Fri May 05 2000 - 00:27:49 CEST

• sorted by: [ date ] [ thread ] [ subject ] [ author ]
• Next message: Peter Todd: "subscribe"
• Previous message: Martin Schulze: "Re: Security hole in cfingerd 1.4.2"
• In reply to: Martin Schulze: "Re: Security hole in cfingerd 1.4.2"
• Reply: Pete: "Re: Security hole in cfingerd 1.4.2"

This is not Peter Todd's E-Mail address try again.

Thank you the real pete@home.com

Martin Schulze wrote:
>
> Peter Todd wrote:
> > You can find out stuff about the file structure of a cfingerd running
> > system by passing * and ? as fake_user arguments. For instance if you
> > use the ping fake user script in the examples you can check if /tmp
> > exists by running finger "ping./tm?@somesite" If /tmp exists ping will
> > say "Performing a ping to /tmp" if not it will say "Performing a ping
> > to /tm?"
> >
> > You don't seem to escape * and ? in the safe_exec() code. I would have
> > made a patch myself but I didn't know what repercussions that would
> > have...
>
> diff -u or diff -NuR would be fine.
>
> A patch is appreciated.
>
> Regards,
>
> Joey
>
> --
> GNU GPL: "The source will be with you... always."

• Next message: Peter Todd: "subscribe"
• Previous message: Martin Schulze: "Re: Security hole in cfingerd 1.4.2"
• In reply to: Martin Schulze: "Re: Security hole in cfingerd 1.4.2"
• Reply: Pete: "Re: Security hole in cfingerd 1.4.2"

This archive was generated by hypermail 2b25 : Fri May 05 2000 - 00:30:04 CEST