| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20060316191139.916D75276@lists.grok.org.uk> Date: Thu Mar 16 20:13:20 2006 From: dj_noresult at xs4all.nl (Arjan van der Velde) Subject: [Advisory] * =Thu Mar 16 14:11:36 EST 2006= * Local Privilege Escalation Vulnerability in AOL Client Software [Advisory] * =Thu Mar 16 14:11:36 EST 2006= * Local Privilege Escalation Vulnerability in AOL Client Software ======== I. DESCRIPTION AOL Client Software incorrectly validates user input, making privilege escalation possible. ======== II. HISTORY 6-1-2006 - Vendor Notification. 10-2-2006 - Vendor Reply. 16-3-2006 - Public Disclosure. ======== III. WORKAROUND There are no workarounds. ======== IV. VENDOR RESPONSE AOL Client Software has extended no identified explanation. ======== V. CVE INFORMATION The Common Vulnerabilities and Exposures (CVE) project has assigned the name CVE-2006-113593 to this issue ======== APPENDIX A VENDOR INFORMATION http://www.aol.com ======== APPENDIX B REFERENCES RFC 8961
Powered by blists - more mailing lists