4184798 1999-08-03 19:15 /29 rader/ Postmaster Mottagare: Bugtraq (import) <7175> Ärende: midnight commander vulnerability(?) (fwd) ------------------------------------------------------------ Approved-By: aleph1@SECURITYFOCUS.COM Delivered-To: bugtraq@securityfocus.com MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Message-ID: <Pine.BSO.4.10.9908011939270.28846-100000@cc.cyber.pl> Date: Sun, 1 Aug 1999 19:39:39 +0000 Reply-To: coda <coda@CYBER.PL> Sender: Bugtraq List <BUGTRAQ@SECURITYFOCUS.COM> From: coda <coda@CYBER.PL> X-To: bugtraq@securityfocus.com To: BUGTRAQ@SECURITYFOCUS.COM <eot> ---------- Forwarded message ---------- Date: Sun, 1 Aug 1999 00:51:00 +0000 (GMT) From: coda <coda@cyber.pl> To: bugtraq@security.com Subject: midnight commander vulnerability(?) privileges of $HOME/.mc/ are default rwx-rx--rx- if anyone has used built in mc ftp-client and has put link like: password:user@some.host, in file history in foledr $HOME/.mc/ is stored in a key in '[inp FTP to machine ]' tree. <eot> coda (4184798) ------------------------------------------(Ombruten)