| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <86wub3uqrk.fsf@blue.stonehenge.com> Date: 17 Oct 2003 21:13:51 -0700 From: merlyn@...nehenge.com (Randal L. Schwartz) To: HCTITS Security Division <security@...ancentrictech.com> Cc: bugtraq@...urityfocus.com, full-disclosure@...ts.netsys.com Subject: Re: Re: Gaim festival plugin exploit >>>>> "HCTITS" == HCTITS Security Division <security@...ancentrictech.com> writes: HCTITS> Attached, find the latest reissue of the Gaim festival plugin. The guy HCTITS> that wrote it, wrote it for pre-0.68 Perl API, but it was secure against HCTITS> the sort of attack that Error described. I have since taken it and HCTITS> recoded it to work with post-0.68 versions of Gaim. It is attached. By HCTITS> all means, if you see an exploitable bug in there, let me know! I'm HCTITS> just a perl-tot.. Please, please, PLEASE use the code I posted here. -- Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095 <merlyn@...nehenge.com> <URL:http://www.stonehenge.com/merlyn/> Perl/Unix/security consulting, Technical writing, Comedy, etc. etc. See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training! _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.netsys.com/full-disclosure-charter.html
Powered by blists - more mailing lists