Full Disclosure mailing list archives
Re: Webmin miniserv.pl format string vulnerability
From: H D Moore <fdlist () digitaloffense net>
Date: Thu, 1 Dec 2005 22:10:00 -0600
As many folks have pointed out and consistent with the recent Dyad advisory, these bugs are indeed exploitable. I only mention this because a reporter quoted someone who quoted my original message and then used it to downplay the severity of the problem. $ perl -e 'printf("%2918905856\$vs")' -HD On Tuesday 29 November 2005 11:15, H D Moore wrote:
On Tuesday 29 November 2005 04:07, advisory () dyadsecurity com wrote:[snip ] so so if remote code execution is successful, it would lead to a full remote root compromise in a standard configuration.
_______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Re: Webmin miniserv.pl format string vulnerability H D Moore (Dec 01)