[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
remote exploit?
From: |
Ed Brown |
Subject: |
remote exploit? |
Date: |
Tue, 10 Aug 2004 09:41:50 -0600 |
I don't remember reading here about a remote/local root vulnerability in
2.0.0 through 2.1.7, that was fixed in the 2.1.8 release. A full
description, with proof of concept exploit code, at:
http://www.coresecurity.com/common/showdoc.php?idx=387&idxseccion=10
Is this for real?
The 2.1.8 changelog only says this with respect to security fixes:
"Additional checks added to bolster server transaction security."
-Ed
- remote exploit?,
Ed Brown <=