"+ +" in printcap files

"+ +" in printcap files

Post by Gregory J. Sande » Tue, 15 Jul 1997 04:00:00

A machine at our site was recently the target of a breakin.  Someone
guessed a user's password and then used the expreserve bug to manipulate

I also noticed that our /etc/printcap file was modified.  The characters
"+ +" were placed on a line by themselves, followed by a bunch of ascii

Does this conform to any known method of compromising security?

Greg Sandell

p.s. email replies appreciated.


Parmly Hearing Institute, Loyola University Chicago
6525 N. Sheridan Chicago IL 60626 USA voice:773-508-3976 FAX:773-508-2719
WWW: http://www.parmly.luc.edu/sandell/