Re: Found security expliot in port phpBB 2.0.8 FreeBSD4.10

From: Josef El-Rayes (josef_at_FreeBSD.org)
Date: 12/29/04

    Date: Wed, 29 Dec 2004 19:32:26 +0000
    To: "Peter C. Lai" <sirmoo@cowbert.net>
    
    
    

    "Peter C. Lai" <sirmoo@cowbert.net>:
    > On Mon, Dec 27, 2004 at 06:18:30PM -0800, Julian Elischer wrote:
    > > might be a good idea if we "urged" users to update their phpbb a bit
    > > more vocally.
    >
    > Or if someone had been vigilant enough to add a vuxml entry about it back
    > in November. Waiting >30 days to update the database that portaudit uses
    > is a bit longish, don't you think? The "urging" to which you refer is
    > already one of the services provided by portaudit.

    first of all, if you run a machine you care about, you should think
    twice before installing a software which has a bad security track
    as phpBB has. secondly, most of the time we do not know of security
    issues any earlier than they get posted to bugtraq or similar
    mailing lists, so why don't you track these lists yourself?

    sometimes we are quick on documenting security issues, sometimes
    we are not, but instead of complaining you should help out, if
    you want to improve this.

    you can also give me some money as
    additional motivation, so i don't need to go working but
    sit at home and improve this.

    greets, josef

    -- 
    Josef El-Rayes                   (__)
    Email:	  josef@daemon.li     \\\'',) 
    Web:	  http://daemon.li/     \/  \ ^
    FreeBSD   Security Team         .\._/_)
    
    


