Date: Sat, 19 Jul 2014 13:32:50 +0200 From: intrigeri <intrigeri@...m.org> To: oss-security@...ts.openwall.com Subject: Re: CVE's for intersection vulnerabilities Hi, Kurt Seifried wrote (19 Jul 2014 00:33:38 GMT) : > So long story short: we have a program called sosreport that is used > to send system information back to Red Hat so we can help customers > troubleshoot their problems. It would appear we have three main > classes of (potential) security vulnerabilities: The severity of these potential vulnerabilities may partly depend on how well sosreport authenticates the server it sends information to. Cheers, -- intrigeri
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ