Bugtraq mailing list archives
Re: More vulnerabilities in FP
From: ronvdaal () SYNTONIC NET (Ron van Daal)
Date: Sat, 22 Apr 2000 12:41:26 +0200
To test this vulnerability we need "htimage.exe" in our "cgi-bin" directory (it's installed by default) and premission to execute it. That's why only Windows is vulnerable, Unix to execute "htimage.exe" + If "htimage.exe" exist). based systems can't execute "*.exe" files.
Incorrect. The FrontPage98 server extensions for Linux contains several *.exe files, which are 32-bit ELF executables. The Linux port of the FP98 server extensions isn't vulnerable, because of the missing htimage.exe. Regards, Ron van Daal | Syntonic Internet | The Netherlands
Current thread:
- RAZOR Analysis of dvwssr.dll, (continued)
- RAZOR Analysis of dvwssr.dll Simple Nomad (Apr 17)
- response to the bugtraq report of buffer overruns in imapd LIST command Mark Crispin (Apr 17)
- Re: response to the bugtraq report of buffer overruns in imapd LIST command Theo de Raadt (Apr 17)
- Re: response to the bugtraq report of buffer overruns in imapd LIST command Mark Crispin (Apr 17)
- Re: response to the bugtraq report of buffer overruns in imapd LIST command R. C. Dowdeswell (Apr 17)
- xfs security issues (fwd) Chris Evans (Apr 17)
- Re: response to the bugtraq report of buffer overruns in imapd LIST command Mark Crispin (Apr 17)
- RUS-CERT Advisory 200004-01: GNU Emacs 20 RUS-CERT, University of Stuttgart (Apr 18)
- More vulnerabilities in FP Narrow (Apr 18)
- Re: More vulnerabilities in FP The Cyberiad (Apr 19)
- Re: More vulnerabilities in FP Ron van Daal (Apr 22)
- Re: More vulnerabilities in FP The Cyberiad (Apr 19)
- AVM's Statement eAX [Teelicht] (Apr 19)
- Adtran DoS Mike Ireton (Apr 19)
- FreeBSD Security Advisory: FreeBSD-SA-00:13.generic-nqs FreeBSD Security Officer (Apr 19)
- Re: response to the bugtraq report of buffer overruns in imapd LIST command Warner Losh (Apr 17)
- pwdump2 for Active Directory Todd Sabin (Apr 18)
- Re: response to the bugtraq report of buffer overruns in imapd LIST command Henrik Nordstrom (Apr 18)
- Cooments on the dvwssr.dll vulnerability threads Iván Arce (Apr 17)
- Re: Cooments on the dvwssr.dll vulnerability threads David LeBlanc (Apr 18)
- Last call for extended abstracts - Raid 2000 - Deadline is April 30th Herve Debar (Apr 18)