The sample application search.pl that ships with the Sambar Server includes a buffer-overflow vulnerability.
This was closed in the 6.0 beta 3 release (by disallowing script execution by anyone other than "localhost"). This script should be removed from all production servers; it will not be shipped with future releases of the server. (Source: http://www.sambar.com/security.htm)
