Full Disclosure mailing list archives

Re: DLL hijacking on Linux

From: bk <chort0 () gmail com>
Date: Wed, 25 Aug 2010 11:22:06 -0700


On Aug 25, 2010, at 10:55 AM, Dan Rosenberg wrote:

...And it looks like I jumped the gun on blaming upstream.  The
vulnerability was introduced by Debian patch
"mozjs1.9_ldlibpath.patch" on 3/24/2009.

-Dan


A Debian patch introducing a security vulnerability?  Wow, I bet that's never happened before...

--
chort

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Current thread:

DLL hijacking on Linux Tim Brown (Aug 25)
- Re: DLL hijacking on Linux Mihai Donțu (Aug 25)
  - Re: DLL hijacking on Linux Tim Brown (Aug 25)
    - Re: DLL hijacking on Linux Dan Rosenberg (Aug 25)
    - Re: DLL hijacking on Linux Dan Rosenberg (Aug 25)
    - Re: DLL hijacking on Linux bk (Aug 25)
    - Re: DLL hijacking on Linux paul . szabo (Aug 25)
    - Re: DLL hijacking on Linux Noah Slater (Aug 26)
    - Re: DLL hijacking on Linux Paul Davis (Aug 26)
    - Re: DLL hijacking on Linux Noah Slater (Aug 26)
- Re: DLL hijacking on Linux Pavel Kankovsky (Aug 25)