RE: [Lynx-dev] RE: FW: iDEFENSE Security Advisory [IDEF1089] Multiple Ve

lynx-dev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [Lynx-dev] RE: FW: iDEFENSE Security Advisory [IDEF1089] Multiple Ve

From:	Thomas Dickey
Subject:	RE: [Lynx-dev] RE: FW: iDEFENSE Security Advisory [IDEF1089] Multiple Vendor Lynx Command Injection Vulnerability
Date:	Fri, 28 Oct 2005 21:12:31 -0400 (EDT)

On Fri, 28 Oct 2005, Greg MacManus wrote:

Hi,

That looks like it will do it.

The original vulnerability discoverer wishes to be credited as 'vade79',
so he should probably be credited instead of me.

ok (actually the credit should still list you as well, since you providedfeedback with a suggestion on how to resolve this - but it's up to you

if you don't want your name on it).

This says "multiple vendor" in the title:

        Have the vendors been contacted?
        (who's responsible for doing that)

        Do they need a patch against 2.8.5?
        (it's not a difficult patch to resync)

        What's the timeframe for resolving this?

I expect that I can make a new fix for 2.8.5 this weekend, putting that in

        http://lynx.isc.org/lynx2.8.5/patches/

--
Thomas E. Dickey
http://invisible-island.net
ftp://invisible-island.net

[Prev in Thread]

Current Thread

[Next in Thread]

[Lynx-dev] RE: FW: iDEFENSE Security Advisory [IDEF1089] Multiple Vendor Lynx Command Injection Vulnerability, Greg MacManus, 2005/10/28
- [Lynx-dev] RE: FW: iDEFENSE Security Advisory [IDEF1089] Multiple Vendor Lynx Command Injection Vulnerability, Thomas Dickey, 2005/10/28
  - Re: [Lynx-dev] RE: FW: iDEFENSE Security Advisory [IDEF1089] Multiple Vendor Lynx Command Injection Vulnerability, Stef Caunter, 2005/10/28
    - Re: [Lynx-dev] RE: FW: iDEFENSE Security Advisory [IDEF1089] Multiple Vendor Lynx Command Injection Vulnerability, Thomas Dickey, 2005/10/28
    - Re: [Lynx-dev] RE: FW: iDEFENSE Security Advisory [IDEF1089] Multiple Vendor Lynx Command Injection Vulnerability, Stef Caunter, 2005/10/28
    - Re: [Lynx-dev] RE: FW: iDEFENSE Security Advisory [IDEF1089] Multiple Vendor Lynx Command Injection Vulnerability, Thomas Dickey, 2005/10/28
  - Re: [Lynx-dev] RE: FW: iDEFENSE Security Advisory [IDEF1089] Multiple Vendor Lynx Command Injection Vulnerability, Thomas Dickey, 2005/10/28
- RE: [Lynx-dev] RE: FW: iDEFENSE Security Advisory [IDEF1089] Multiple Vendor Lynx Command Injection Vulnerability, Greg MacManus, 2005/10/28
  - RE: [Lynx-dev] RE: FW: iDEFENSE Security Advisory [IDEF1089] Multiple Vendor Lynx Command Injection Vulnerability, Thomas Dickey <=
  - RE: [Lynx-dev] RE: FW: iDEFENSE Security Advisory [IDEF1089] Multiple Vendor Lynx Command Injection Vulnerability, Thomas Dickey, 2005/10/29

Prev by Date: Re: [Lynx-dev] RE: FW: iDEFENSE Security Advisory [IDEF1089] Multiple Vendor Lynx Command Injection Vulnerability
Next by Date: RE: [Lynx-dev] RE: FW: iDEFENSE Security Advisory [IDEF1089] Multiple Vendor Lynx Command Injection Vulnerability
Previous by thread: RE: [Lynx-dev] RE: FW: iDEFENSE Security Advisory [IDEF1089] Multiple Vendor Lynx Command Injection Vulnerability
Next by thread: RE: [Lynx-dev] RE: FW: iDEFENSE Security Advisory [IDEF1089] Multiple Vendor Lynx Command Injection Vulnerability
Index(es):
- Date
- Thread