Getting Hacked Through Your Terminal
hdm writes "My company recently published a paper on security issues with common terminal emulator applications. The interesting thing about these vulnerabiltiies is that many of them only require the victim to be running tail on their log files (apache, syslog, etc) for the attack to be successful. The paper (TXT) can be found here."
Given the profliferation of exploits related to race conditions, predictible file creation, etc,
;-)
we should henceforth re-tool our code to only make use of stateless protocols!
The difference between stupidity and genius is that genius has its limits.
So they discovered ANSI bombs over again.
Simple! Just tell Linux not to load ANSI.SYS, problem solved!
In my neck of the woods TXT is practically synonymous with text messaging. No, actually it's, synonymous with the delivery of TXT msg svrl hrs aftr u snt thm...
# init 5
Connection closed.
Oh...
The bad news: Evil black hat hackers can use remote exploits to move the OSX terminal around the screen.
The good news: With the velvet smooth animated motion, harmonizing colors, translucent effects and drop shadows, being 0wned has never looked better!