[Full-Disclosure] Sharutils buggy?
From: Peter Bieringer (full-disclosure@lists.netsys.com)
Date: 07/16/02
- Next message: Nathan Fain: "[Full-Disclosure] w32.frethem.k@mm and good reading"
- Previous message: Raju Mathur: "[Full-Disclosure] Counseling not to use Windows (was Re: Anonymoussurfing my ass\!)"
- In reply to: martin f krafft: "[Full-Disclosure] Sharutils buggy?"
- Next in thread: Charles 'core' Stevenson: "[Full-Disclosure] Sharutils buggy?"
- Reply: Charles 'core' Stevenson: "[Full-Disclosure] Sharutils buggy?"
- Reply: Charles 'core' Stevenson: "[Full-Disclosure] Sharutils buggy?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: full-disclosure@lists.netsys.com (Peter Bieringer) Date: Tue, 16 Jul 2002 09:12:53 +0200
--On Tuesday, July 16, 2002 01:24:30 AM +0200 martin f krafft
<madduck@madduck.net> wrote:
> I'd like to get some educated thoughts and opinions on a recently
> found potential bug:
>
> http://www.aerasec.de/security/index.html?lang=en&id=ae-200205-037
> http://online.securityfocus.com/bid/4742
> http://www.aerasec.de/security/index.html?lang=en&id=ae-200205-049
> http://www.aerasec.de/security/index.html?lang=en&id=ae-200204-033
> http://bugs.debian.org/149454
> http://www.kb.cert.org/vuls/id/336083
One additial memo:
The original advisory and afaik the fixed version from RHL still not
metioned that devices also are candidates for overwriting.
Think about
begin 666 /dev/hda
...
Peter
- Next message: Nathan Fain: "[Full-Disclosure] w32.frethem.k@mm and good reading"
- Previous message: Raju Mathur: "[Full-Disclosure] Counseling not to use Windows (was Re: Anonymoussurfing my ass\!)"
- In reply to: martin f krafft: "[Full-Disclosure] Sharutils buggy?"
- Next in thread: Charles 'core' Stevenson: "[Full-Disclosure] Sharutils buggy?"
- Reply: Charles 'core' Stevenson: "[Full-Disclosure] Sharutils buggy?"
- Reply: Charles 'core' Stevenson: "[Full-Disclosure] Sharutils buggy?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
