Xref: utzoo news.sysadmin:1818 comp.unix.wizards:13163
Path: utzoo!utgpu!watmath!clyde!att!rutgers!psuvax1!psuhcx!wcf
From: wcf@psuhcx.psu.edu (Bill Fenner)
Newsgroups: news.sysadmin,comp.unix.wizards
Subject: Re: Trojan horse possible with news readers
Message-ID: <1078@psuhcx.psu.edu>
Date: 4 Dec 88 18:47:25 GMT
References: <6775@rosevax.Rosemount.COM> <1261@vsi1.UUCP>
Reply-To: wcf@psuhcx (Bill Fenner)
Organization: Penn State University
Lines: 25

In article <1261@vsi1.UUCP> lmb@vsi1.UUCP (Larry Blair) writes:
|In article <6775@rosevax.Rosemount.COM> merlyn@ernie.rosemount.com writes:
|=Many news reading programs (rn, vnews, others?) allow you include the
|=original text when following-up or replying-to articles.  The
|=default editor is usually vi; some versions of vi will execute
|=commands if it sees a line (near the top or bottom of a file)
|=of the form <e><x><:><command><:>
|
|The newsreader I use (rn) prepends a string to the included text.
|I don't believe that those braindamaged versions of vi will execute:
|
|> ex:!sh -c 'echo any command'>/tmp/NEWSBUG:

Mine did... after seeing the above, with both a | and a > in front of it.
It did it when I replied to his message, and it did it when I followed up
to this one.

Lovely.

  Bill
-- 
    Bitnet: wcf@psuhcx.bitnet     Bill Fenner     | "Ain't got no cash,
   Internet: wcf@hcx.psu.edu                      |  Ain't got no style
  UUCP: {gatech,rutgers}!psuvax1!psuhcx!wcf       |  Ain't got no girls 
 Fido: Sysop at 263/42 (814/238 9633)  \hogbbs!wcf|  To make me smile"