Full Disclosure mailing list archives
Re: rPSA-2007-0011-1 wget
From: Ron DuFresne <dufresne () winternet com>
Date: Thu, 25 Jan 2007 11:55:11 -0600 (CST)
[SNIP]
Description: Previous versions of the wget package can crash if they contact a malicious FTP server. No further vulnerability is enabled by this minor flaw; system security is not threatened in any way.
Which might well be a good thing eh? Afterall, if the site is malicious, better the app die and dump then allow one to prceed to inflict harm upon ones self? Thanks, Ron DuFresne -- "Sometimes you get the blues because your baby leaves you. Sometimes you get'em 'cause she comes back." --B.B. King ***testing, only testing, and damn good at it too!*** OK, so you're a Ph.D. Just don't touch anything. _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- rPSA-2007-0011-1 wget rPath Update Announcements (Jan 23)
- Re: rPSA-2007-0011-1 wget Ron DuFresne (Jan 25)