Full Disclosure mailing list archives
-ADVISORY- % x Thu Mar 16 14:29:16 EST 2006 x % Directory Transversal in ISC NTP
From: Ryan Smith <whatstheaddress () gmail com>
Date: Thu, 16 Mar 2006 19:29:29 +0000 (GMT)
-ADVISORY- % x Thu Mar 16 14:29:16 EST 2006 x % Directory Transversal in ISC NTP 8=====================D~~~~~~~~~~ 8===D BACKGROUND 8=====================D~~~~~~~~~~ There has been no background. 8=====================D~~~~~~~~~~ 8===D DESCRIPTION 8=====================D~~~~~~~~~~ Remote exploitation of a directory traversal vulnerability in ISC NTP could allow attackers to overwrite or view arbitrary files with user-supplied contents. 8=====================D~~~~~~~~~~ 8===D HISTORY 8=====================D~~~~~~~~~~ 29/1/2006 8==D Vendor Notification. 16/3/2006 8==D Public Disclosure. 8=====================D~~~~~~~~~~ 8===D CVE INFORMATION 8=====================D~~~~~~~~~~ The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-478482 to this issue 8=====================D~~~~~~~~~~ APPENDIX A VENDOR INFORMATION 8=====================D~~~~~~~~~~ http://www.isc.org/index.pl?/sw/ntp/ _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- -ADVISORY- % x Thu Mar 16 14:29:16 EST 2006 x % Directory Transversal in ISC NTP Ryan Smith (Mar 16)