Luca Bruno
2008-Oct-24 19:32 UTC
[Secure-testing-team] Multiple Vulnerabilities (xss, insecure file handling and code execution)
Package: websvn Version: 1.61-20 Severity: critical Tags: security A full disclosure bulletin has been posted today, reporting various security vulnerabilities in websvn. The remote code execution should only affect etch version, while at a first glance the others are also still open in lenny/sid. Check the complete bulletin at: http://www.gulftech.org/?node=research&article_id=00132-10202008 http://www.milw0rm.com/exploits/6822 Ciao, Luca -- .''''`. ** Debian GNU/Linux ** | Luca Bruno (kaeso) : :'' : The Universal O.S. | lucab (AT) debian.org `. `''` | GPG Key ID: 3BFB9FB3 `- http://www.debian.org | Debian GNU/Linux Developer -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: not available Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20081024/a4af5e05/attachment.pgp