Bugtraq mailing list archives
Re: Vulnerability in BOA web server v0.94.8.2
From: Brian Russo <brusso () PHYS HAWAII EDU>
Date: Sun, 8 Oct 2000 21:58:24 -1000
After having read the "Vulnerability in BOA web server v0.94.8.2" advisory by llmora, I wrote a simple exploit for the vulnerability. It is tested on Boa version 0.94.7 which I believe is distributed with Debian.
This bug was closed in Debian (woody AND potato, i.e. unstable AND stable) on October 7th. (Actual upload was made on October 5th) Package maintainer for debian package of boa is a boa developer, so not much lag time. http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=74231 for the bug report and resolution. Would it really be so much effort to check the status of such things before you just blurt them out?
(http://www.s21sec.com/en/avisos/s21sec-005-en.txt) Entire advisory
Sincerely yours, teleh0r
- brian -- Brian Russo <brusso () phys hawaii edu> (808) 957 2333
Current thread:
- Vulnerability in BOA web server v0.94.8.2 Lluis Mora (Oct 06)
- <Possible follow-ups>
- Re: Vulnerability in BOA web server v0.94.8.2 teleh0r - (Oct 08)
- Re: Vulnerability in BOA web server v0.94.8.2 Brian Russo (Oct 09)