Bugtraq mailing list archives
Re: CGI security hole in EWS (Excite for Web Servers)
From: carson () tla org (carson () tla org)
Date: Thu, 18 Dec 1997 20:09:36 -0500
The _really_ funny thing is that EWS 1.0P1 does _not_ appear to be vulnerable. It looks like someone who shouldn't have been let near the code decided to "enhance" it. -- Carson Gaspar -- carson () cs columbia edu carson () tla org carson () cugc org http://www.cs.columbia.edu/~carson/home.html Queen Trapped in a Butch Body
Current thread:
- CERT Advisory CA-97.28 - Teardrop_Land Aleph One (Dec 16)
- <Possible follow-ups>
- Re: CERT Advisory CA-97.28 - Teardrop_Land Charles M. Hannum (Dec 16)
- Re: CERT Advisory CA-97.28 - Teardrop_Land Alan Cox (Dec 16)
- Re: CERT Advisory CA-97.28 - Teardrop_Land Ron Holt (Dec 19)
- SGI Security Advisory 19971201-01-P1391 - statd(1M) Buffer Overrun SGI Security Coordinator (Dec 16)
- CERT Vendor-Initiated Bulletin VB-97.16 - CrackLib Aleph One (Dec 17)
- SNI-22: RADIUS Advisory Secure Networks Inc. (Dec 17)
- Re: SNI-22: RADIUS Advisory miguel a.l. paraz (Dec 17)
- CGI security hole in EWS (Excite for Web Servers) Marc Merlin (Dec 17)
- Re: CGI security hole in EWS (Excite for Web Servers) carson () tla org (Dec 18)
- Re: SNI-22: RADIUS Advisory Thom Henderson (Dec 18)
- mIRC Worm Aleph One (Dec 18)
- Re: mIRC Worm Nigel Reed (Dec 18)
- Re: mIRC Worm Paul Wilson (Dec 18)
- StackGuard: Automatic Protection From Stack-smashing Attacks Crispin Cowan (Dec 18)
- Re: StackGuard: Automatic Protection From Stack-smashing Attacks Tim Newsham (Dec 19)
- Re: StackGuard: Automatic Protection From Stack-smashing Attacks Theo de Raadt (Dec 19)
- Xotpcalc, version 1.0 Ivan Nejgebauer (Dec 19)
- Re: CERT Advisory CA-97.28 - Teardrop_Land Alan Cox (Dec 16)
- Buffer Overrun / DOS in /bin/passwd (at least Redhat Linux 4.2) Alex Mottram (Dec 19)
- Re: Buffer Overrun / DOS in /bin/passwd (at least Redhat Linux Alec Muffett (Dec 19)