Re: Control Character attacks on line printer log devices

From: Ian Jones (roux@speakeasy.org)
Date: 05/09/02

Next message: Harry Putnam: "Re: How to tell if iptables MASQ in enabled or not [easily]"

Previous message: Shawn: "Re: is this right?"
In reply to: snevel+usenet@sonic.net: "Control Character attacks on line printer log devices"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

From: Ian Jones <roux@speakeasy.org>
Date: Wed, 08 May 2002 18:00:44 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

snevel+usenet@sonic.net writes:
[...]
> on how line printers used as supposedly secure logging devices might
> actually be subverted by getting it to accept control characters.

This is a concern for non-printed logs too. There was a bugtraq today
about CR/LF hazards. IIRC, there was a published advisory for apache
last year on much the same thing.

Hmmm, time to review my syslog sources to see if a filter might be in
order.

-----BEGIN PGP SIGNATURE-----
Comment: Keeping the world safe for geeks.

iD8DBQE82co7wBVKl/Nci0oRApLTAJwJXk5Yq2GzEBrXc1ojHSknzXUrBgCgoh+x
PeN4HsznvW7tUDTRXzOfTC8=
=akG3
-----END PGP SIGNATURE-----

Next message: Harry Putnam: "Re: How to tell if iptables MASQ in enabled or not [easily]"
Previous message: Shawn: "Re: is this right?"
In reply to: snevel+usenet@sonic.net: "Control Character attacks on line printer log devices"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]