[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Full-disclosure] NETRAGARD-20060624 SECURITY ADVISORY] [ROXIO TOAST 7 TITANIUM - LOCAL ROOT COMPROMISE ]

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: [Full-disclosure] NETRAGARD-20060624 SECURITY ADVISORY] [ROXIO TOAST 7 TITANIUM - LOCAL ROOT COMPROMISE ]
From: Propaganda Support <support@xxxxxxxxxxxxxxxxxx>
Date: Wed, 23 Aug 2006 11:04:21 +0200

Alex wrote:

Making system() calls without a full path from a suid root binaryis just asking for trouble.


Agreed. No argument.

You should fix it.


I neglected to mention that I have. It will be released shortly.

Kind Regards,
-jeff

--
Jeff Holland
http://propagandaprod.com



_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Prev by Date: [Full-disclosure] NETRAGARD-20060624 SECURITY ADVISORY] [ROXIO TOAST 7 TITANIUM - LOCAL ROOT COMPROMISE ]
Next by Date: Re: [Full-Disclosure] RE: Patching networks redux (fwd)
Previous by thread: Re: [Full-disclosure] NETRAGARD-20060624 SECURITY ADVISORY] [ROXIO TOAST 7 TITANIUM - LOCAL ROOT COMPROMISE ]
Next by thread: Re: [Full-disclosure] NETRAGARD-20060624 SECURITY ADVISORY] [ROXIO TOAST 7 TITANIUM - LOCAL ROOT COMPROMISE ]
Index(es):
- Date
- Thread