yeah, yeah, yeah - thanks guys :-) Everytime something's announced it's like I've got the official hack site! Normally I laugh at it but I've been a bit testy about my bandwidth lately. Or is it lack of alcohol consumption? No, definitely the bandwidth :)
----- Original Message ----- From: "Adams, Jeff" <[EMAIL PROTECTED]> To: "sambar List Member" <[EMAIL PROTECTED]> Sent: Tuesday, 24 June, 2003 10:21 Subject: [sambar] HTTP CGI-BIN Vulnerability Crap! I thought for sure I could hax0r your system b4 u noticed me! -l33t hax0r -----Original Message----- From: James Wright [mailto:[EMAIL PROTECTED] Sent: Tuesday, June 24, 2003 12:48 PM To: sambar List Member Subject: [sambar] HTTP CGI-BIN Vulnerability Jeez people. I don't think he meant that as an invitation to be stupid. I don't have search.pl so everyone who is trying it out - KNOCK IT OFF before I cut you out completely. ----- Original Message ----- From: "Alex Broens" <[EMAIL PROTECTED]> To: "sambar List Member" <[EMAIL PROTECTED]> Sent: Tuesday, 24 June, 2003 09:20 Subject: [sambar] HTTP CGI-BIN Vulnerability > The sample application search.pl that ships with the Sambar Server includes a buffer-overflow vulnerability. > > This was closed in the 6.0 beta 3 release (by disallowing script execution by anyone other than "localhost"). > > This script should be removed from all production servers; it will not be shipped with future releases of the server. > > (Source: http://www.sambar.com/security.htm) ------------------------------------------------------- To unsubscribe please go to http://www.sambar.ch/list/ ------------------------------------------------------- To unsubscribe please go to http://www.sambar.ch/list/
