| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu Mar 16 18:55:00 2006 From: pwicks at oxygen.com (pwicks@...gen.com) Subject: -ADVISORY- * +Thu Mar 16 13:37:44 EST 2006+ * Directory Transversal in Apple iTunes -ADVISORY- * +Thu Mar 16 13:37:44 EST 2006+ * Directory Transversal in Apple iTunes 8==========================D~~~~~~~~~~~~~~~~~~~~~~~~~~~ 1. Background 8==========================D~~~~~~~~~~~~~~~~~~~~~~~~~~~ This issue had no background. 8==========================D~~~~~~~~~~~~~~~~~~~~~~~~~~~ 2. Description 8==========================D~~~~~~~~~~~~~~~~~~~~~~~~~~~ Remote exploitation of a directory traversal vulnerability in Apple iTunes could allow attackers to overwrite or view arbitrary files with user-supplied contents. 8==========================D~~~~~~~~~~~~~~~~~~~~~~~~~~~ 3. Vendor Response 8==========================D~~~~~~~~~~~~~~~~~~~~~~~~~~~ Apple iTunes has extended no identified information regarding this issue at hand. 8==========================D~~~~~~~~~~~~~~~~~~~~~~~~~~~ Appendix A Vendor Information 8==========================D~~~~~~~~~~~~~~~~~~~~~~~~~~~ http://www.apple.com/itunes/ 8==========================D~~~~~~~~~~~~~~~~~~~~~~~~~~~ Appendix B References 8==========================D~~~~~~~~~~~~~~~~~~~~~~~~~~~ RFC 6496 8==========================D~~~~~~~~~~~~~~~~~~~~~~~~~~~ Contact 8==========================D~~~~~~~~~~~~~~~~~~~~~~~~~~~ James Patterson Wicks lolville@...m.la 1-888-565-9428 GSAE CCE CEH SSP-MPA GIPS GHTQ GWAS SSCP
Powered by blists - more mailing lists