[Imc-aotearoa-tech] Active security flaw

finn c. finn at animal-liberation.org.nz
Fri Aug 1 17:14:51 PDT 2003 

Hi,

This has been patched, scuse the delay.

seeya,
finn

On Wed, Jul 30, 2003 at 11:10:26PM +1200, finn c. wrote:
> Hi,
> 
> 
> > Are you on IMC-Tech?
> 
> Yep, ours is 2/3rds patched, will fix up the final file tomorrow.
> 
> seeya,
> finn
> 
> > 
> > RnB,
> > Strypey
> > 
> > BTW How's Pooneke?
> > 
> > sveasca at yahoo.com wrote:
> > "Hey IMC tech folks. This is my second attempt to
> > post this message - I think mailman assumed that my
> > first posting was spam...
> > 
> >      I have a friend who was poking around on the IMC
> > sites recently who claims to have found a "huge"
> > security hole in Active that leaves the site open for
> > posts, deletes, and much more maliscious stuff. He has
> > given me detailed information about what the hole is,
> > how it works, and a suggested patch, but he didn't
> > want to post the information to an open list.
> >      I've forwarded the info to my local techs (Boston
> > IMC) but the same code is used for lots of IMC sites,
> > so you need to know, too. My friend has informed the
> > vendor and is going to inform the public in... 12
> > days, so you're going to hafta hop on this if you want
> > to fix the hole before it becomes common knowledge.
> > 
> >      Because this *is* a security hole, if someone
> > from this list can contact me privately (and give me a
> > reference that I can confirm with one of my local
> > Boston techs or other longstanding Boston IMC member) 
> > I'll forward the information over to you."
> > 
> > -- 
> > "What preparation would you like me to have done..."
> > "Just read, just read."
> > - Kim Hill and John Pilger
> > 
> > http://aotearoa.indymedia.org/
> > _______________________________________________
> > imc-aotearoa-tech mailing list
> > imc-aotearoa-tech at lists.indymedia.org
> > http://lists.indymedia.org/mailman/listinfo/imc-aotearoa-tech
> > 
> > 
> _______________________________________________
> imc-aotearoa-tech mailing list
> imc-aotearoa-tech at lists.indymedia.org
> http://lists.indymedia.org/mailman/listinfo/imc-aotearoa-tech
> 
>

More information about the imc-aotearoa-tech mailing list