[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Re: Gaim festival plugin exploit

To: HCTITS Security Division <security@humancentrictech.com>
Subject: Re: [Full-Disclosure] Re: Gaim festival plugin exploit
From: merlyn@stonehenge.com (Randal L. Schwartz)
Date: 17 Oct 2003 21:13:51 -0700

>>>>> "HCTITS" == HCTITS Security Division <security@humancentrictech.com> 
>>>>> writes:

HCTITS> Attached, find the latest reissue of the Gaim festival plugin.  The guy
HCTITS> that wrote it, wrote it for pre-0.68 Perl API, but it was secure against
HCTITS> the sort of attack that Error described.  I have since taken it and
HCTITS> recoded it to work with post-0.68 versions of Gaim.  It is attached.  By
HCTITS> all means, if you see an exploitable bug in there, let me know!  I'm
HCTITS> just a perl-tot..

Please, please, PLEASE use the code I posted here.

-- 
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<merlyn@stonehenge.com> <URL:http://www.stonehenge.com/merlyn/>
Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Follow-Ups:
- Re: [Full-Disclosure] Re: Gaim festival plugin exploit
  - From: Valdis.Kletnieks@vt.edu

References:
- [Full-Disclosure] Gaim festival plugin exploit
  - From: error <error@lostinthenoise.net>
- [Full-Disclosure] Re: Gaim festival plugin exploit
  - From: HCTITS Security Division <security@humancentrictech.com>

Prev by Date: Re: [Full-Disclosure] AT&T early warning system
Next by Date: Re: [Full-Disclosure] AT&T early warning system
Previous by thread: [Full-Disclosure] Re: Gaim festival plugin exploit
Next by thread: Re: [Full-Disclosure] Re: Gaim festival plugin exploit
Index(es):
- Date
- Thread