[prev in list] [next in list] [prev in thread] [next in thread]
List: kmail-devel
Subject: aaaaiiiiiiieeeeeeeee dangerous
From: George Staikos <staikos () 0wned ! org>
Date: 2000-01-31 20:26:43
[Download RAW message or body]
-----BEGIN PGP SIGNED MESSAGE-----
I don't know if I misunderstood this, but:
Today in bugtraq, Michal Zalewski posted a shellscript exploit to redhat
linux as an attachment. I klicked on it thinking it would display the
script. To my surprise it tried to *RUN* the script!!!! This is not good!
(luckily it failed for some reason). I don't think the default on
executables should be "run". I tried to "view" it and it failed to view as
well. I'm going to hav ea look at this in the latest CVS code but we should
be careful.
- --
George Staikos
-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.2
iQEVAwUBOJXw6vaardfOEhQRAQFiRQf+LzrqLx9aqMhTZNfmVfaksq1yJ6+lIWr+
SCmTjCCYU1tpXEC1PXd8B8cNfdxLr+BSgPE5sM4+j+4NEuoizDu17hj2PdRp5mK3
Ml4WtQCO59QYYg9dk4KCEkDAh+LULHPKuXcDD2cLnBbDf2FunAllFSM/Tl1/dRiu
maWJhqydYn3o9fToVC2fd563OsvSAUiDsILHR+KG24/eMrrBRItCsvI19l+L42z8
xT8+EnPJBGBqeWXMFu5LUbRxwZNd5Qy8XHo8SuPScgyfIzvgG1uMgOGtW8itNWur
T/28eJnRMFP6+ba+gXnYyC8xaAxKJhNqN2PPpS/eu5lyJzBr8jXf5A==
=YxZX
-----END PGP SIGNATURE-----
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic