Re: Xyplex terminal server bug

Matthew G. Harrigan (matth@MCR.COM)
Mon, 01 Dec 1997 21:50:18 -0800

At 09:30 PM 11/26/97 -0500, Aleksandr Pilosov wrote:

>I am not sure if Xyplex fixed that bug yet .. [snip]

The ctl-z concept can also be applied by simply entering a "?" at the
Likewise, I also found this out some time ago, but did not remember it
until I saw your posting. From what I remember, two things happen.
1. The logged in user information is set to "???", which leads me to
believe that with some creativity
and/or source code, unauthorized (resource challenged) users may be able to
force an administrative shell.
2. You are dropped into the command shell in which you are able to utilize
all the client programs
(i.e. rsh, telnet, etc..).

I'm not sure if it is necessarily tied into radius or not.
We do not have a xyplex term server in the lab, so if anyone has one they
experiment with, please post the results to this list.


Matthew G. Harrigan
CIO, Microcosm Computer Resources