lynx-dev
[Top][All Lists]
Advanced
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: LYNX-DEV VU#5135 (Lynx vulnerability?) (fwd)

From: Scott McGee (Personal)
Subject: Re: LYNX-DEV VU#5135 (Lynx vulnerability?) (fwd)
Date: Tue, 24 Jun 1997 11:48:48 -0600 
Larry mentioned getting an error when trying the CERT URL's on his system.
On my system I tried both. The first one started a /bin/sh that would not 
respond to most keys. I assume from an earlier post that there is a way to
get it to so respond, and hence gain access on the machine. The second URL
gave an error the first time I tried it, but the second time, I changed the
prompted filename from /etc/passwd to just passwd and lynx happily created
a copy of the password file for me. Not Good!

My system is, of course, a Solaris 2.4 system.

Scott

Scott McGee: Salt Lake Community College Webmaster | When in danger,
___________________________________________________| or in doubt,
Email: address@hidden (Scott McGee)         | run in circles,
Web:   http://www.slcc.edu/infotech/webmaster.html | scream and shout.
----------------------------------------------------------------------
My opinions do not necessarily reflect those of the College. Trust me!
;
; To UNSUBSCRIBE:  Send a mail message to address@hidden
;                  with "unsubscribe lynx-dev" (without the
;                  quotation marks) on a line by itself.
;
reply via email to
[Prev in Thread] Current Thread [Next in Thread]