Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Wed, 22 May 2013 07:41:22 -0700
From: Tavis Ormandy <taviso@...xchg8b.com>
To: oss-security@...ts.openwall.com
Subject: Re: Fwd: [Full-disclosure] Thttpd 2.25b Directory Traversal Vulnerability

Matthias Weckbecker wrote:

> Hi,
> 
> has anybody possibly already confirmed this? It might also be worth to
> assign a CVE to this if it turns out to be a reproducible issue.
> 

I can't reproduce here.

It's probably not a good sign that he posted some non-shadow passwords in
the output :)

Tavis.


-- 
-------------------------------------
taviso@...xchg8b.com | pgp encrypted mail preferred
-------------------------------------------------------

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.