[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Re: HTML Help API - Privilege Escalation

To: killedbythoughts@mindcrime.net
Subject: Re: [Full-Disclosure] Re: HTML Help API - Privilege Escalation
From: Valdis.Kletnieks@vt.edu
Date: Fri, 24 Oct 2003 16:41:45 -0400

On Fri, 24 Oct 2003 20:08:24 +0200, Sebastian Niehaus 
<killedbythoughts@mindcrime.net>  said:

> Well, if you have a programm to be run in suid mode, every Unix admin
> should be alerted. They are used to review the source code of this
> kind of stuff.

When was the last time you audited the source for 'ping' or 'traceroute'?

Is there *anybody* qualified to do an audit of /usr/X11R6/bin/XFree86?

Attachment: pgp00122.pgp
Description: PGP signature

References:
- [Full-Disclosure] HTML Help API - Privilege Escalation
  - From: "Brett Moore" <brett.moore@security-assessment.com>
- Re: [Full-Disclosure] HTML Help API - Privilege Escalation
  - From: KF <dotslash@snosoft.com>
- [Full-Disclosure] Re: HTML Help API - Privilege Escalation
  - From: Sebastian Niehaus <killedbythoughts@mindcrime.net>

Prev by Date: Re: [Full-Disclosure] Re: HTML Help API - Privilege Escalation
Next by Date: [Full-Disclosure] Symantec AntiVirus and AOL
Previous by thread: Re: [Full-Disclosure] Re: HTML Help API - Privilege Escalation
Next by thread: Re: [Full-Disclosure] HTML Help API - Privilege Escalation
Index(es):
- Date
- Thread