search for: beyondsecurity

...oCs are available. Vendor Response: ---------------- * Patch 2012-04-19 (bug61755.diff) (see php bugref) Patch available, but still not fixed in 5.4.3 (latest) Timeline: --------- * 2012 Feb ? - Discovered in 5.3.8, verified for 5.3.0/5.3.10 and 5.4.0 * 2012 March - Responsible Disclosure via SSD/BeyondSecurity * 2012 April - Patch available 2012-04-19 * 2012 May/June - No trace of bugfix in svn for 5.3/5.4/trunk although mentioned in bugref #61755 * 2012 June ?- No trace of bugfix in svn for 5.3/5.4/trunk, code ... * 2012 June ?- public disclosure CREDITS: -------- Discovered by 0x721427D8 via BeyondSec...

...t adm 0 Mar 7 2004 uucp.log -rw-r----- 1 root adm 309 Feb 26 2004 uucp.log.0 -rw-rw-r-- 1 root utmp 21120 Jun 17 10:52 wtmp -rw-rw-r-- 1 root utmp 17280 May 31 17:06 wtmp.1 Hope this help debug the issue. -- Noam Rathaus CTO Beyond Security Ltd. http://www.beyondsecurity.com http://www.securiteam.com

...| |--------------------+---------------------------------------------------| | Reported On | June 22, 2008 | |--------------------+---------------------------------------------------| | Reported By | Noam Rathaus < noamr AT beyondsecurity DOT com >, | | | with his SSD program, also by Blake Cornell | |--------------------+---------------------------------------------------| | Posted On | September 3, 2009 | |--------------------+------------------------...