[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] Samba Remote Zero-Day Exploit

To: full-disclosure@xxxxxxxxxxxxxxxxx, marxclou@xxxxxxxxxxxx
Subject: Re: [Full-disclosure] Samba Remote Zero-Day Exploit
From: paul.szabo@xxxxxxxxxxxxx
Date: Sun, 7 Feb 2010 07:59:48 +1100

Dear Marx,

> This is an interesting point of view.

I had replied to you personally only, you should not have posted my
reply to any mailing lists. But since you posted... yes my views are
interesting, should be studied and followed, for enlightenment :-)

> However u haven't answered my question. Is there an option to enable
> a traversal or lets say chdir to a path outside of the configured
> enviroment which is disabled by default?

No I do not think there is an option to allow chdir to outside.
(Please scritunize docs and sources, I may have missed something.)

Cheers, Paul

Paul Szabo   psz@xxxxxxxxxxxxxxxxx   http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics   University of Sydney    Australia

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- Re: [Full-disclosure] Samba Remote Zero-Day Exploit
  - From: marxclou

Prev by Date: Re: [Full-disclosure] Samba Remote Zero-Day Exploit
Next by Date: Re: [Full-disclosure] Samba Remote Zero-Day Exploit
Previous by thread: Re: [Full-disclosure] Samba Remote Zero-Day Exploit
Next by thread: Re: [Full-disclosure] Samba Remote Zero-Day Exploit
Index(es):
- Date
- Thread