Full Disclosure mailing list archives

Re: ekg insecure temporary file creation and arbitrary code execution

From: Adam Wysocki <gophi () apcoh org>
Date: Wed, 6 Jul 2005 22:05:09 +0200 (CEST)

05.07.05 exploits () zataz net wrote:

Vendor informed: yes


Hi,

What do you understand by "Vendor informed"? We haven't received any 
email from you neither to private addresses nor ekg-users/ekg-devel 
mailing lists. Please also note that the script you pointed at is 
contributed by a third-party author and isn't part of ekg itself, 
neither is installed by default.

Greetings,

Adam Wysocki
ekg team

-- 
Adam Wysocki * http://www.gophi.rotfl.pl/ * GG 1234 * Fido 2:480/138
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

ekg insecure temporary file creation and arbitrary code execution ZATAZ Audits (Jul 05)
- Re: ekg insecure temporary file creation and arbitrary code execution Adam Wysocki (Jul 06)