Re: [Full-Disclosure] unarj dir-transversal bug (../../../..)

doubles_at_hush.com
Date: 10/12/04

Next message: Vincent Archer: "Re: [Full-Disclosure] Hacking into private files, my credit card purchases, personal correspondence or anything that is mine is trespassing and criminal."

Previous message: doubles_at_hush.com: "Re: [Full-Disclosure] unarj dir-transversal bug (../../../..)"
Maybe in reply to: doubles_at_hush.com: "[Full-Disclosure] unarj dir-transversal bug (../../../..)"
Next in thread: evilninja: "Re: [Full-Disclosure] unarj dir-transversal bug (../../../..)"
Reply: evilninja: "Re: [Full-Disclosure] unarj dir-transversal bug (../../../..)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

To: evilninja <evilninja@gmx.net>
Date: Tue, 12 Oct 2004 00:57:50 -0700

On Mon, 11 Oct 2004 16:29:40 -0700 evilninja <evilninja@gmx.net> wrote:
>evil@sheep:~$ unarj x test.arj
>ARJ32 v 3.10, Copyright (c) 1998-2004, ARJ Software Russia. [27
>Jun 2004]

arj != unarj! debian is stubido dist nd it pakage ''arj'' as ''unarj''!

real unarj 2.* inkl 2.65 latest are vunerabble!

doubles

Concerned about your privacy? Follow this link to get
secure FREE email: http://www.hushmail.com/?l=2

Free, ultra-private instant messaging with Hush Messenger
http://www.hushmail.com/services-messenger?l=434

Promote security and make money with the Hushmail Affiliate Program:
http://www.hushmail.com/about-affiliate?l=427

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Next message: Vincent Archer: "Re: [Full-Disclosure] Hacking into private files, my credit card purchases, personal correspondence or anything that is mine is trespassing and criminal."

Previous message: doubles_at_hush.com: "Re: [Full-Disclosure] unarj dir-transversal bug (../../../..)"
Maybe in reply to: doubles_at_hush.com: "[Full-Disclosure] unarj dir-transversal bug (../../../..)"
Next in thread: evilninja: "Re: [Full-Disclosure] unarj dir-transversal bug (../../../..)"
Reply: evilninja: "Re: [Full-Disclosure] unarj dir-transversal bug (../../../..)"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Relevant Pages

Re: delving deeper
... intro for Network scanning. ... I've been looking at security and penetration-testing for some ... secure FREE email: http://www.hushmail.com/?l=2 ... ultra-private instant messaging with Hush Messenger ...
(Pen-Test)
[Full-disclosure] (no subject)
... secure FREE email: http://www.hushmail.com/?l=2 ... ultra-private instant messaging with Hush Messenger ... Promote security and make money with the Hushmail Affiliate Program: ...
(Full-Disclosure)
eEye Blink and other Endpoint IPS solutions.
... on system performance and how their effectiveness compares to NIPS. ... secure FREE email: http://www.hushmail.com/?l=2 ... ultra-private instant messaging with Hush Messenger ... CORE IMPACT. ...
(Focus-IDS)
Re: [Full-Disclosure] The Hackers Manifesto Reloaded
... >not a declaration of war, it is a statement accompanying a point for ... Senior Security Consultant at iDEFENSE labs ... secure FREE email: http://www.hushmail.com/?l=2 ... ultra-private instant messaging with Hush Messenger ...
(Full-Disclosure)
Re: wargame issue
... Regards, ... >I know that this application doesn't check input string, ... secure FREE email: http://www.hushmail.com/?l=2 ... ultra-private instant messaging with Hush Messenger ...
(Security-Basics)