[Dshield] WMF AGAIN?

Johannes B. Ullrich jullrich at sans.org
Tue Jan 10 01:47:42 GMT 2006

Hernandez, Moses wrote:

>Anyone here worried by this post on the ISC website?
So far this only looks like a DoS, which I don't rate as that critical.
There is some talk that this could become a remote code execution, but
haven't seen any prove of that so far.

Note that sadly these kind of vulnerabilities are quite comon across all
OS's. The WMF issue from last week was in so far special as it kind of
used a 'feature' that made the exploit very easy.

Johannes Ullrich                        jullrich at sans.org
Chief Research Officer                     (617) 639 5000
PGP Key: https://secure.dshield.org/PGPKEYS 

"We use [isc.sans.org] every day to keep on top of 
 security at our bank" Matt, Network Administrator. 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://www.dshield.org/pipermail/list/attachments/20060109/a5f1abb1/signature.bin

More information about the list mailing list