Bugtraq mailing list archives
Re: [Full-disclosure] rPSA-2007-0011-1 wget
From: Ron DuFresne <dufresne () winternet com>
Date: Thu, 25 Jan 2007 11:55:11 -0600 (CST)
[SNIP]
Description: Previous versions of the wget package can crash if they contact a malicious FTP server. No further vulnerability is enabled by this minor flaw; system security is not threatened in any way.
Which might well be a good thing eh? Afterall, if the site is malicious, better the app die and dump then allow one to prceed to inflict harm upon ones self? Thanks, Ron DuFresne -- "Sometimes you get the blues because your baby leaves you. Sometimes you get'em 'cause she comes back." --B.B. King ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything.
Current thread:
- rPSA-2007-0011-1 wget rPath Update Announcements (Jan 23)
- Re: [Full-disclosure] rPSA-2007-0011-1 wget Ron DuFresne (Jan 25)