[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    [oss-security] YingZhi Lua Programming Language for iOS ftp .. bug & httpd arbitrary upload
From:       "Larry W. Cashdollar" <larry0 () me ! com>
Date:       2013-08-30 13:16:47
Message-ID: 986e0489-3103-4a59-9199-97f27ae279ab () me ! com
[Download RAW message or body]

Hi,

During further investigation of the Python programming language by XiaoWen for ipad/iphone I \
discovered a new Lua / Perl / Ruby programming application in the apple application store all \
written by XiaoWen Huang that suffers from the http file upload vulnerabilities.   It appears \
the ../ has been fixed for these other applications.

Download Locations:

https://itunes.apple.com/us/app/perl-programming-language/id578116006?mt=8&ls=1

https://itunes.apple.com/us/app/ruby-programming-language/id581732143?mt=8&ls=1

https://itunes.apple.com/us/app/lua-programming-language/id505972017?mt=8&ls=1

-- Larry


[Attachment #3 (multipart/related)]

[Attachment #5 (text/html)]

<html><body><div>Hi,</div><div><br>During further investigation of the Python programming \
language by XiaoWen for ipad/iphone I discovered a new Lua / Perl / Ruby programming \
application in the apple application store all written by XiaoWen Huang that suffers from the \
http file upload vulnerabilities. &nbsp;It appears the ../ has been fixed for these other \
applications.</div><div><br></div><div>Download \
Locations:</div><div><br></div><div>https://itunes.apple.com/us/app/perl-programming-language/id \
578116006?mt=8&amp;ls=1</div><div><br></div><div>https://itunes.apple.com/us/app/ruby-programmin \
g-language/id581732143?mt=8&amp;ls=1</div><div><br></div><div>https://itunes.apple.com/us/app/lua-programming-language/id505972017?mt=8&amp;ls=1</div><div><br></div><div>-- \
Larry</div><div><br></div><div><br></div></body></html>



[prev in list] [next in list] [prev in thread] [next in thread]