Full Disclosure mailing list archives

-advisory- % =Thu Mar 16 02:47:00 EST 2006= % Directory Transversal in ISC BIND

From: sq5bpf () andra com pl
Date: Thu, 16 Mar 2006 07:47:06 +0000 (GMT)




-advisory- % =Thu Mar 16 02:47:00 EST 2006= % Directory Transversal in ISC BIND




8======D~~~~~~~~
[+] DESCRIPTION
Remote exploitation of a directory traversal vulnerability in ISC BIND could allow attackers to overwrite or view 
arbitrary files with user-supplied contents.

8======D~~~~~~~~
[+] HISTORY
2-20-2006 [+] Vendor Notification.
1-8-2006 [+] Vendor Reply.
3-16-2006 [+] Public Disclosure.
8======D~~~~~~~~
[+] VENDOR RESPONSE
ISC BIND was presented no information.
8======D~~~~~~~~
[+] CVE INFORMATION
The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-731420 to this issue



8======D~~~~~~~~
CONTACT
Jacek Lipkowski sq5bpf () andra com pl

GSAE CCE CEH CSFA SSP-CNSA SSP-MPA GWAS SSCP 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

-advisory- % =Thu Mar 16 02:47:00 EST 2006= % Directory Transversal in ISC BIND sq5bpf (Mar 15)