[prev in list] [next in list] [prev in thread] [next in thread]
List: full-disclosure
Subject: Re: [Full-disclosure] Links smbclient command execution
From: Mikulas Patocka <mikulas () artax ! karlin ! mff ! cuni ! cz>
Date: 2006-11-29 23:02:29
Message-ID: Pine.LNX.4.64.0611300000340.27418 () artax ! karlin ! mff ! cuni ! cz
[Download RAW message or body]
> On Wed, 29 Nov 2006, Mikulas Patocka wrote:
>
> > Hi
> >
> > I fixed it in Links 1.00pre19 (at
> > http://artax.karlin.mff.cuni.cz/~mikulas/links/download/) and Links 2.1pre25
> > (at http://links.twibright.com/download/) --- please check it.
> >
> > I changed it to refuse '"' and ';' from file path. I hope that user name and
> > password at smbclient command line cannot be used to execute arbitrary code,
> > but if you have other information, contact me.
> >
> > Mikulas
>
> Hello,
>
> links-2.1pre25 still seems vulnerable to the "smb" vulnerability.
>
> The ChangeLog doesn't mention anything about fixing it, smb.c has
> a timestamp from November 2005, and the exploit posted earlier
> still works.
>
> Regards, Ulf Härnhammar
Oops, I forgot to upload it yesterday. It's there now under name
links-2.1pre26. If you have any other ideas how it could be broken, tell
me.
Mikulas
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic