Message-ID: <email address hidden> Date: Fri, 30 Sep 2005 13:57:58 +0200 From: =?iso-8859-1?Q?Lo=EFc?= Minier <email address hidden> To: Paul Szabo <email address hidden>, <email address hidden>, <email address hidden> Subject: Re: Bug#329156: /usr/sbin/gnome-pty-helper: writes arbitrary utmp records
tags 329156 + upstream security forwarded 329156 http://bugzilla.gnome.org/show_bug.cgi?id=3D317312 clone 329156 -1 reassign -1 libvte4 thanks
[ THIS IS A RESEND, PREVIOUS MAIL WAS LOST. ]
Hi,
On Tue, Sep 20, 2005, Paul Szabo wrote: > gnome-pty-helper can be made to write utmp/wtmp records with arbitrary > DISPLAY (host) settings. I am not sure if it can be tricked into erasin= g > existing records.
This vulnerability is identified as CAN-2005-0023. The upstream developers of vte have been notified of the bug at: <http://bugzilla.gnome.org/show_bug.cgi?id=3D317312>
Bye, --=20 Lo=EFc Minier <email address hidden>
Message-ID: <email address hidden> 1?Q?Lo= EFc?= Minier <email address hidden> gnome-pty- helper: writes arbitrary utmp records
Date: Fri, 30 Sep 2005 13:57:58 +0200
From: =?iso-8859-
To: Paul Szabo <email address hidden>, <email address hidden>,
<email address hidden>
Subject: Re: Bug#329156: /usr/sbin/
tags 329156 + upstream security bugzilla. gnome.org/ show_bug. cgi?id= 3D317312
forwarded 329156 http://
clone 329156 -1
reassign -1 libvte4
thanks
[ THIS IS A RESEND, PREVIOUS MAIL WAS LOST. ]
Hi,
On Tue, Sep 20, 2005, Paul Szabo wrote:
> gnome-pty-helper can be made to write utmp/wtmp records with arbitrary
> DISPLAY (host) settings. I am not sure if it can be tricked into erasin=
g
> existing records.
This vulnerability is identified as CAN-2005-0023. The upstream bugzilla. gnome.org/ show_bug. cgi?id= 3D317312>
developers of vte have been notified of the bug at:
<http://
Bye,
--=20
Lo=EFc Minier <email address hidden>