Re: [Full-disclosure] rPSA-2007-0011-1 wget
- From: Ron DuFresne <dufresne@xxxxxxxxxxxxx>
- Date: Thu, 25 Jan 2007 11:55:11 -0600 (CST)
[SNIP]
Description:
Previous versions of the wget package can crash if they contact a
malicious FTP server. No further vulnerability is enabled by this
minor flaw; system security is not threatened in any way.
Which might well be a good thing eh? Afterall, if the site is malicious,
better the app die and dump then allow one to prceed to inflict harm upon
ones self?
Thanks,
Ron DuFresne
--
"Sometimes you get the blues because your baby leaves you. Sometimes you get'em
'cause she comes back." --B.B. King
***testing, only testing, and damn good at it too!***
OK, so you're a Ph.D. Just don't touch anything.
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
- References:
- [Full-disclosure] rPSA-2007-0011-1 wget
- From: rPath Update Announcements
- [Full-disclosure] rPSA-2007-0011-1 wget
- Prev by Date: [Full-disclosure] [x0n3-h4ck] Siteman 2.0.x2 Remote Md5 Hash Disclosure Vulnerability
- Next by Date: [Full-disclosure] Earthlink TotalAccess ActiveX Unsafe Methods Vulnerability
- Previous by thread: [Full-disclosure] rPSA-2007-0011-1 wget
- Next by thread: [Full-disclosure] rPSA-2007-0012-1 ed
- Index(es):
Loading
