[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Command Injection Vulnerability in stat.qwest.net- OFFTOPIC

To: Kurt Seifried <listuser@seifried.org>
Subject: Re: [Full-Disclosure] Command Injection Vulnerability in stat.qwest.net- OFFTOPIC
From: Blue Boar <BlueBoar@thievco.com>
Date: Fri, 22 Aug 2003 09:18:58 -0700

Kurt Seifried wrote:

> Why are you telling us this? How does it affect anyone, but qwest, who you
> notified, and who fixed it. Do we now send out a security advisory every
> time we notify sometime to disable a vulnerable service (sir, you have
> telnet enabled). This is getting ridiculous.

Couple of points:  It may be nice to know the track record of a company 
even though the problem has been fixed.  Also, QWest isn't the only ISP 
that uses Looking Glass...

						BB

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Command Injection Vulnerability in stat.qwest.net
  - From: Dan Daggett <csiwebmaster@csi.edu>
- Re: [Full-Disclosure] Command Injection Vulnerability in stat.qwest.net - OFFTOPIC
  - From: "Kurt Seifried" <listuser@seifried.org>

Prev by Date: RE: [Full-Disclosure] Subject prefix changing! READ THIS! SURVEY!!
Next by Date: RE: [Full-Disclosure] JAP back doored
Prev by thread: Re: [Full-Disclosure] Command Injection Vulnerability in stat.qwest.net - OFFTOPIC
Next by thread: RE: [fd] Re: [Full-Disclosure] Google Private IP is 10.7.0.73 !!!!!!
Index(es):
- Date
- Thread