[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [cobalt-users] userList.php possible exploit

Subject: Re: [cobalt-users] userList.php possible exploit
From: Anders <andersb@xxxxxxxxxxx>
Date: Tue May 6 00:38:01 2003
List-id: Mailing list for users to share thoughts on Sun Cobalt products. <cobalt-users.list.cobalt.com>

Tom Honec wrote:

> I did not find this on the Sun Forums, I know they just
> started using new ones, could it have been removed?

That would have been on the old buggy one... (December)

Either it looped itself out, or it got cleaned out
after months of inactivity? It was noted by the admin
Tony/Sun Microsystems, and as far as I know also reported
to security-alert@xxxxxxx (it was not me reporting it)

I haven't seen an official response yet, though.
Solution (security patch) is around 6 lines of code.
I'll see what I can do, about us releasing a package?

--anders
BlackSun Inc.
http://www.blacksun.ca

Follow-Ups:
- Re: [cobalt-users] userList.php possible exploit
  - From: Bill Gibbs
- Re: [cobalt-users] userList.php possible exploit
  - From: BlackSun: rm-r-f

References:
- RE: [cobalt-users] userList.php possible exploit
  - From: Tom Honec

Prev by Date: [cobalt-users] How do you transfer directory and files RAQ to RAQ with SSH ?
Next by Date: RE: [cobalt-users] RAQ4R Tomcat version, PKG
Previous by thread: RE: [cobalt-users] userList.php possible exploit
Next by thread: Re: [cobalt-users] userList.php possible exploit

Sun Cobalt Users Message Index

Sun Cobalt Users Thread Index