Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: Re: Gaim festival plugin exploit

From: merlyn () stonehenge com (Randal L. Schwartz)
Date: 17 Oct 2003 21:13:51 -0700
"HCTITS" == HCTITS Security Division <security () humancentrictech com> writes:


HCTITS> Attached, find the latest reissue of the Gaim festival plugin.  The guy
HCTITS> that wrote it, wrote it for pre-0.68 Perl API, but it was secure against
HCTITS> the sort of attack that Error described.  I have since taken it and
HCTITS> recoded it to work with post-0.68 versions of Gaim.  It is attached.  By
HCTITS> all means, if you see an exploitable bug in there, let me know!  I'm
HCTITS> just a perl-tot..

Please, please, PLEASE use the code I posted here.

-- 
Randal L. Schwartz - Stonehenge Consulting Services, Inc. - +1 503 777 0095
<merlyn () stonehenge com> <URL:http://www.stonehenge.com/merlyn/>
Perl/Unix/security consulting, Technical writing, Comedy, etc. etc.
See PerlTraining.Stonehenge.com for onsite and open-enrollment Perl training!

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html
Previous By Date Next
Previous By Thread Next

Current thread: