[Dshield] WMF AGAIN?
Johannes B. Ullrich
jullrich at sans.org
Tue Jan 10 01:47:42 GMT 2006
Hernandez, Moses wrote:
>Anyone here worried by this post on the ISC website?
So far this only looks like a DoS, which I don't rate as that critical.
There is some talk that this could become a remote code execution, but
haven't seen any prove of that so far.
Note that sadly these kind of vulnerabilities are quite comon across all
OS's. The WMF issue from last week was in so far special as it kind of
used a 'feature' that made the exploit very easy.
Johannes Ullrich jullrich at sans.org
Chief Research Officer (617) 639 5000
PGP Key: https://secure.dshield.org/PGPKEYS
"We use [isc.sans.org] every day to keep on top of
security at our bank" Matt, Network Administrator.
-------------- next part --------------
A non-text attachment was scrubbed...
Size: 256 bytes
Desc: OpenPGP digital signature
Url : http://www.dshield.org/pipermail/list/attachments/20060109/a5f1abb1/signature.bin
More information about the list