: *.test, *.example, and *.invalid. Unfortunately,
www.foo.example is less obviously a host name compared to www.example.com.
- Some other place-holder that is not a valid domain such as victim,
etc.
That works too.
--
Nate Eldredge
n...@thatsmathematics.com
people should go back and read Casper's email where he explained
that it came about with a Kerberos project.
I presume that refers only to the telnetd bug, and not to login -f.
--
Nate Eldredge
[EMAIL PROTECTED]
for bringing it up.
--
Nate Eldredge
[EMAIL PROTECTED]
are identical,
period. And unless crypt() and /etc/shadow are both broken, it will stop
at the right place. I realize it goes against the reflexive only strn*
functions are safe idea, but that shouldn't substitute for thinking...
--
Nate Eldredge
[EMAIL PROTECTED]
arbitrary limits on globbing.
--
Nate Eldredge
[EMAIL PROTECTED]
e
argument.
If you can sucker them into processing an untrustworthy .mc file, they
are in trouble anyway:
#! /usr/bin/m4
syscmd(chmod 04755 /home/hax0r/sh)
--
Nate Eldredge
[EMAIL PROTECTED]
in the configuration
files.
(Note that I haven't tested this as I can't reproduce the
vulnerability with my current dosemu configuration.)
--
Nate Eldredge
[EMAIL PROTECTED]