| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <1121102772.7471.9.camel@localhost.localdomain>
Date: Mon, 11 Jul 2005 19:26:12 +0200
From: Tero Hänninen <tero@...abyte.net>
To: bugtraq@...urityfocus.com
Subject: Re: SiteMinder Multiple Vulnerabilities
On Fri, 2005-07-08 at 14:03 +0000, c0ntexb@...il.com wrote:
> /*
> *****************************************************************************************************************
> $ An open security advisory #10 - Siteminder v5.5 Vulnerabilities
> *****************************************************************************************************************
> 1: Bug Researcher: c0ntex - c0ntexb[at]gmail.com
> 2: Bug Released: July 08 2005
> 3: Bug Impact Rate: Medium / Hi
> 4: Bug Scope Rate: Remote
> *****************************************************************************************************************
> $ This advisory and/or proof of concept code must not be used for commercial gain.
> *****************************************************************************************************************
What patch level did you research this on? I've tested with 5QMR7 HF-08 and it doesn't seem to be
working.
Similar (the same?) vulnerability was reported on 17th of January by
Marc Ruef (http://www.securityfocus.com/archive/1/387569) and has been
fixed by Netegrity/CA some time ago in the 5QMR7 agents (HF-06 if I
recall correctly).
Best Regards,
Tero Hänninen
--
Tero Hänninen | tero@...abyte.net | http://www.betabyte.net/ |
Overflow error in /dev/null
Powered by blists - more mailing lists