Jeez people. I don't think he meant that as an invitation to be stupid. I don't have search.pl so everyone who is trying it out - KNOCK IT OFF before I cut you out completely.
----- Original Message ----- From: "Alex Broens" <[EMAIL PROTECTED]> To: "sambar List Member" <[EMAIL PROTECTED]> Sent: Tuesday, 24 June, 2003 09:20 Subject: [sambar] HTTP CGI-BIN Vulnerability > The sample application search.pl that ships with the Sambar Server includes a buffer-overflow vulnerability. > > This was closed in the 6.0 beta 3 release (by disallowing script execution by anyone other than "localhost"). > > This script should be removed from all production servers; it will not be shipped with future releases of the server. > > (Source: http://www.sambar.com/security.htm) > ------------------------------------------------------- > To unsubscribe please go to http://www.sambar.ch/list/ > > > > > ------------------------------------------------------- To unsubscribe please go to http://www.sambar.ch/list/
