Re: debian pppd chatscript

From: Wichert Akkerman (wichertat_private)
Date: Tue Dec 16 1997 - 09:01:12 PST

Next message: Cristian Gafton: "Re: Buffer Overruns in RedHat 5.0"

Previous message: Aleph One: "CERT Advisory CA-97.28 - Teardrop_Land"
Maybe in reply to: Stephen Hardman: "debian pppd chatscript"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

--bp/iNruPH9dso1Pn
Content-Type: text/plain; charset=us-ascii

Previously Stephen Hardman wrote:
> I should probably send it off to a debian bug/security
> list as well... but it's quite relavent here.

We received it.

> This didn't happen until I recently reinstalled Debian.

There was a bug in one of the Debian packages with the example
chatscript. The error was that there was a line like the following:

assword:                \qPaSsWoRd\q

Since \q is a toggle, the second \q toggles the do-no-display flag
and the password is faithfully echoed to the syslog.

Please check if you did not make the same error in your script.
We cannot check anything without some more information.

Wichert.

--bp/iNruPH9dso1Pn
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: 2.6.3ia

iQB1AwUBNJaz2KjZR/ntlUftAQErIgMAkp0AH6NqCjxaDjnxPUJ5kgOUDBLHTJe8
0lrfIs2dkPf4HQgmGU342pfWvY7Xqr0N/QubK2G8TpwMLBHukISkT9fsVxcbxJr/
qrEXNkDxsjDz4ZacQbvtD3gJAi5aSa9S
=QaT2
-----END PGP SIGNATURE-----

--bp/iNruPH9dso1Pn--

Next message: Cristian Gafton: "Re: Buffer Overruns in RedHat 5.0"
Previous message: Aleph One: "CERT Advisory CA-97.28 - Teardrop_Land"
Maybe in reply to: Stephen Hardman: "debian pppd chatscript"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 13:36:33 PDT