remote exploit?

help-cfengine

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

remote exploit?

From:	Ed Brown
Subject:	remote exploit?
Date:	Tue, 10 Aug 2004 09:41:50 -0600

I don't remember reading here about a remote/local root vulnerability in
2.0.0 through 2.1.7, that was fixed in the 2.1.8 release.  A full
description, with proof of concept exploit code, at:
http://www.coresecurity.com/common/showdoc.php?idx=387&idxseccion=10 

Is this for real?

The 2.1.8 changelog only says this with respect to security fixes:
"Additional checks added to bolster server transaction security."


-Ed

[Prev in Thread]

Current Thread

[Next in Thread]

remote exploit?, Ed Brown <=
- Re: remote exploit?, Thomas Glanzmann, 2004/08/10
  - Re: remote exploit?, Ed Brown, 2004/08/10
    - Re: remote exploit?, Phil D'Amore, 2004/08/10
    - Re: remote exploit?, Mark . Burgess, 2004/08/10
    - Re: remote exploit?, Ed Brown, 2004/08/10
    - Re: remote exploit?, Pete Ehlke, 2004/08/12

Prev by Date: Re: Cfengine server failover
Next by Date: Re: remote exploit?
Previous by thread: Cfengine server failover
Next by thread: Re: remote exploit?
Index(es):
- Date
- Thread