[Full-Disclosure] Sharutils buggy?
From: Charles 'core' Stevenson (full-disclosure@lists.netsys.com)
Date: 07/16/02
- Next message: Snow, Corey: "[Full-Disclosure] List Charter"
- Previous message: Nathan Fain: "[Full-Disclosure] w32.frethem.k@mm and good reading"
- In reply to: Peter Bieringer: "[Full-Disclosure] Sharutils buggy?"
- Next in thread: Charles 'core' Stevenson: "[Full-Disclosure] Sharutils buggy?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
From: full-disclosure@lists.netsys.com (Charles 'core' Stevenson) Date: Tue, 16 Jul 2002 05:00:56 -0600
That's just plan evil Peter! ;)
peace,
core
Peter Bieringer wrote:
>
> --On Tuesday, July 16, 2002 01:24:30 AM +0200 martin f krafft
> <madduck@madduck.net> wrote:
>
>
>>I'd like to get some educated thoughts and opinions on a recently
>>found potential bug:
>>
>> http://www.aerasec.de/security/index.html?lang=en&id=ae-200205-037
>> http://online.securityfocus.com/bid/4742
>> http://www.aerasec.de/security/index.html?lang=en&id=ae-200205-049
>> http://www.aerasec.de/security/index.html?lang=en&id=ae-200204-033
>> http://bugs.debian.org/149454
>> http://www.kb.cert.org/vuls/id/336083
>
>
> One additial memo:
>
> The original advisory and afaik the fixed version from RHL still not
> metioned that devices also are candidates for overwriting.
>
> Think about
>
> begin 666 /dev/hda
> ...
>
>
> Peter
>
> _______________________________________________
> Full-Disclosure - We believe in it.
> Full-Disclosure@lists.netsys.com
> http://lists.netsys.com/mailman/listinfo/full-disclosure
>
>
- Next message: Snow, Corey: "[Full-Disclosure] List Charter"
- Previous message: Nathan Fain: "[Full-Disclosure] w32.frethem.k@mm and good reading"
- In reply to: Peter Bieringer: "[Full-Disclosure] Sharutils buggy?"
- Next in thread: Charles 'core' Stevenson: "[Full-Disclosure] Sharutils buggy?"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
