[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] Re: ekg insecure temporary file creation and arbitrary code execution

To: ZATAZ Audits <exploits@xxxxxxxxx>
Subject: [Full-disclosure] Re: ekg insecure temporary file creation and arbitrary code execution
From: Adam Wysocki <gophi@xxxxxxxxx>
Date: Wed, 6 Jul 2005 22:05:09 +0200 (CEST)

05.07.05 exploits@xxxxxxxxx wrote:

> Vendor informed: yes

Hi,

What do you understand by "Vendor informed"? We haven't received any 
email from you neither to private addresses nor ekg-users/ekg-devel 
mailing lists. Please also note that the script you pointed at is 
contributed by a third-party author and isn't part of ekg itself, 
neither is installed by default.

Greetings,

Adam Wysocki
ekg team

-- 
Adam Wysocki * http://www.gophi.rotfl.pl/ * GG 1234 * Fido 2:480/138
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] ekg insecure temporary file creation and arbitrary code execution
  - From: ZATAZ Audits

Prev by Date: [Full-disclosure] [ GLSA 200507-06 ] TikiWiki: Arbitrary command execution through XML-RPC
Next by Date: [Full-disclosure] Researching IMISERV (wupdt.exe)
Previous by thread: [Full-disclosure] ekg insecure temporary file creation and arbitrary code execution
Next by thread: [Full-disclosure] kpopper insecure temporary file creation
Index(es):
- Date
- Thread