[Imc-aotearoa-tech] Active security flaw
finn c.
finn at animal-liberation.org.nz
Thu Jul 31 00:10:26 PDT 2003
Hi,
> Are you on IMC-Tech?
Yep, ours is 2/3rds patched, will fix up the final file tomorrow.
seeya,
finn
>
> RnB,
> Strypey
>
> BTW How's Pooneke?
>
> sveasca at yahoo.com wrote:
> "Hey IMC tech folks. This is my second attempt to
> post this message - I think mailman assumed that my
> first posting was spam...
>
> I have a friend who was poking around on the IMC
> sites recently who claims to have found a "huge"
> security hole in Active that leaves the site open for
> posts, deletes, and much more maliscious stuff. He has
> given me detailed information about what the hole is,
> how it works, and a suggested patch, but he didn't
> want to post the information to an open list.
> I've forwarded the info to my local techs (Boston
> IMC) but the same code is used for lots of IMC sites,
> so you need to know, too. My friend has informed the
> vendor and is going to inform the public in... 12
> days, so you're going to hafta hop on this if you want
> to fix the hole before it becomes common knowledge.
>
> Because this *is* a security hole, if someone
> from this list can contact me privately (and give me a
> reference that I can confirm with one of my local
> Boston techs or other longstanding Boston IMC member)
> I'll forward the information over to you."
>
> --
> "What preparation would you like me to have done..."
> "Just read, just read."
> - Kim Hill and John Pilger
>
> http://aotearoa.indymedia.org/
> _______________________________________________
> imc-aotearoa-tech mailing list
> imc-aotearoa-tech at lists.indymedia.org
> http://lists.indymedia.org/mailman/listinfo/imc-aotearoa-tech
>
>
More information about the imc-aotearoa-tech
mailing list