lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Thu, 25 Jan 2007 11:55:11 -0600 (CST)
From: Ron DuFresne <>
To: rPath Update Announcements <>
	<>, <>,
	<>, <>
Subject: Re: [Full-disclosure] rPSA-2007-0011-1 wget


> Description:
>     Previous versions of the wget package can crash if they contact a
>     malicious FTP server.  No further vulnerability is enabled by this
>     minor flaw; system security is not threatened in any way.

Which might well be a good thing eh?  Afterall, if the site is malicious,
better the app die and dump then allow one to prceed to inflict harm upon
ones self?


Ron DuFresne
"Sometimes you get the blues because your baby leaves you. Sometimes you get'em
'cause she comes back." --B.B. King
        ***testing, only testing, and damn good at it too!***

OK, so you're a Ph.D.  Just don't touch anything.

Powered by blists - more mailing lists