On Friday 23 January 2009 04:06, Paul Szabo wrote:
Belatedly, I realize that this still leaves a DoS attack: fill up utmp
with entries for all possible PIDs, then login will fail. Maybe that is
properly Bug#505071 (as distinct from this one)? Please see there
about ideas on how to perform this
Thanks for the DSA-1709 fix.
Belatedly, I realize that this still leaves a DoS attack: fill up utmp
with entries for all possible PIDs, then login will fail. Maybe that is
properly Bug#505071 (as distinct from this one)? Please see there
about ideas on how to perform this DoS without access to
Hi Paul,
On Thursday 27 November 2008 10:13, Paul Szabo wrote:
How long do you expect it will take to in fact fix this bug (which is
closed, pretend-fixed, still set to just serious severity)? Would it
cause problems if I posted the exploit on Monday 1 Dec?
Sorry for the delay incurred in
Dear Nicolas and Moritz,
How long do you expect it will take to in fact fix this bug (which is
closed, pretend-fixed, still set to just serious severity)? Would it
cause problems if I posted the exploit on Monday 1 Dec?
Thanks, Paul
Paul Szabo [EMAIL PROTECTED]
Please fix for etch also. Please issue DSA.
Please alert other Linux distros, they are also affected.
Since you claim this issue is fixed, surely (?!) there is no harm
in making the exploit public. Should (may) I do that now?
Cheers, Paul
Paul Szabo [EMAIL PROTECTED]
5 matches
Mail list logo
