Nmap Security Scanner
*Intro
*Ref Guide
*Install Guide
*Download
*Changelog
*Book
*Docs
Security Lists
*Nmap Hackers
*Nmap Dev
*Bugtraq
*Full Disclosure
*Pen Test
*Basics
*More
Security Tools
*Pass crackers
*Sniffers
*Vuln Scanners
*Web scanners
*Wireless
*Exploitation
*Packet crafters
*More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

bugtraq logo Bugtraq mailing list archives

Gld 1.5 released (security fix)
From: Salim Gasmi <salim () gasmi net>
Date: 13 Apr 2005 17:47:36 -0000
In-Reply-To: <20050412004111.562AC7A890E () ws4-4 us4 outblaze com>

Hi,

gld 1.5 has been released today .

This version fixes the issues and add new features .

You can download it here : http://www.gasmi.net/down/gld-1.5.tgz

Note about the exploit released:
To be effective, the exploit needs to connect via TCP to gld.
Normally, gld listen only to loopback interface (default option)
and thus disable the exploit.

In the rare cases, where gld listen on a real network interface
(in case where gld server is on a different host than smtp servers)
it must be configured to only accept trusted smtp servers to connect to
and of course not everybody, this of course disable the exploit too.

Finally, by default gld run as nobody, and thus, no root access should
be directly possible via gld .

Best regards,

Salim

  By Date           By Thread  

Current thread:
  • Gld 1.5 released (security fix) Salim Gasmi (Apr 13)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]