Re: IRIX 5.2 Security Advisory

Jim Littlefield (little@ragnarok.hks.com)
Tue, 9 Aug 1994 16:57:11 -0400

On Aug 9, 11:03am, Dave Sill wrote:
: Steve Kotsopoulos wrote:
: >
: >: There is no way to know if someone has exploited the bug. It's such
: >: a quiet little hole that it doesn't leave a mark anywhere. You don't
: >: even have to logon to exploit it. That's how bad it is.
:
: Wait a minute, they said the bug could be exploited without logging in?

Seems possible. The xdm login window has a "Help" button. I assume that the
hole is accessed via the help window.

-- 

Jim Littlefield  <little@hks.com>      I prefer caffeine free, clear, diet Jolt.