Full Disclosure: Re: ekg insecure temporary file creation and arbitrary code execution

Nmap Security Scanner

Intro

Ref Guide

Install Guide

Download

Changelog

Book

Docs
Security Lists

Bugtraq

Basics

More
Security Tools

More
Site News
Site Search:
Exploit World
Advertising
About/Contact
Credits
Sponsors:

Full Disclosure mailing list archives

Re: ekg insecure temporary file creation and arbitrary code execution

From: Adam Wysocki <gophi () apcoh org>
Date: Wed, 6 Jul 2005 22:05:09 +0200 (CEST)

05.07.05 exploits () zataz net wrote:

Vendor informed: yes


Hi,

What do you understand by "Vendor informed"? We haven't received any 
email from you neither to private addresses nor ekg-users/ekg-devel 
mailing lists. Please also note that the script you pointed at is 
contributed by a third-party author and isn't part of ekg itself, 
neither is installed by default.

Greetings,

Adam Wysocki
ekg team

-- 
Adam Wysocki * http://www.gophi.rotfl.pl/ * GG 1234 * Fido 2:480/138
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

By Date By Thread

Current thread:

ekg insecure temporary file creation and arbitrary code execution ZATAZ Audits (Jul 05)
- Re: ekg insecure temporary file creation and arbitrary code execution Adam Wysocki (Jul 06)