Home page logo

bugtraq logo Bugtraq mailing list archives

CVStrac Remote Arbitrary Code Execution exploit
From: Richard Ngo <rtngo () yahoo com>
Date: Thu, 5 Aug 2004 10:57:09 -0700 (PDT)

Hi, Im Richard Ngo, this is the first time i report an
exploit and found a remote exploit that could allow
arbitrary code execution in CVStrac.

sample exploit


All versions vulnerable. I have not contacted
cvstrac.org since i cant find their email address.
Please give me credit for the exploit and *please dont
release the exploit code to the public* for other
websites security. Maybe just create an advisory.
Thank you.

Do You Yahoo!?
Tired of spam?  Yahoo! Mail has the best spam protection around 

  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]