Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Tue, 20 Aug 2013 02:33:54 +0430
From: Hamid Zamani <me@...idx9.ir>
To: oss-security@...ts.openwall.com
Subject: Re: CVE Request : NAS v1.9.3 multiple Vulnerabilites

On 08/20/2013 12:48 AM, Kurt Seifried wrote:
> 
> 
> Ok so we got a total of three kinds of vulns, so same
> version/researcher I'm CVE MERGEing them:
> 
> Buffer Overflows please use CVE-2013-4256
> Heap Overflow please use CVE-2013-4257
> Format String please use CVE-2013-4258
> 
> As for "Possible Race Condition and symlink attack:" can we confirm
> it's a security issue?
> 
> 
> 

Thank you.

Actually not, i just mentioned it according to fixes and announcing.
it's just about some special OSs not all of them.	

-- 
Regards,
Hamid Zamani (aka HAMIDx9)
Ashiyane Digital Security Team


Download attachment "signature.asc" of type "application/pgp-signature" (491 bytes)

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.