| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu Sep 22 18:09:50 2005 From: se_cur_ity at hotmail.com (Morning Wood) Subject: RE: perldiver the proposed fix is the vendors suggestion, not mine. Feel free to contact http://scriptsolutions.com/ and tell him yourself kthnx. ----- Original Message ----- From: <learnperlidiot@...hmail.com> To: <full-disclosure@...ts.grok.org.uk> Sent: Wednesday, September 21, 2005 11:58 AM Subject: [Full-disclosure] RE: perldiver > I believe mrwood's proposed fix isnt going to help. As it just > strips the first character if it's \w or : > > perhaps when he suggested $module =~ s/^([A-Za-z0-9]|:)//g; he ment > $module =~ s/[^A-Za-z0-9:]//g; > > Thank you morning_wood for helping promote secure web application > development. Keep up the good work. > > > > Concerned about your privacy? Follow this link to get > secure FREE email: http://www.hushmail.com/?l=2 > > Free, ultra-private instant messaging with Hush Messenger > http://www.hushmail.com/services-messenger?l=434 > > Promote security and make money with the Hushmail Affiliate Program: > http://www.hushmail.com/about-affiliate?l=427 > > _______________________________________________ > Full-Disclosure - We believe in it. > Charter: http://lists.grok.org.uk/full-disclosure-charter.html > Hosted and sponsored by Secunia - http://secunia.com/ >
Powered by blists - more mailing lists