
Bugtraq mailing list archives
Re: MDKSA-2000:039 - xchat update
From: Decklin Foster <decklin () RED-BEAN COM>
Date: Sat, 26 Aug 2000 03:33:58 -0400
Joey Hess writes:
> Actually it is. The "netscape (existing)" and "netscape (new window)" menu entries are safe,

Actually they're vulnerable too.

    http://drugs.org/just/say/'`yes`'

The rule just puts openURL(%s) in single quotes, which can easily be broken out of as in the above pseudo-URL. I'm arguing for the use of execvp instead on the xchat mailing list, we'll see how this goes. It's 3:30 AM and I won't be able to write any code for it until tomorrow.

--
There is no TRUTH. There is no REALITY. There is no CONSISTENCY. There are no ABSOLUTE STATEMENTS. I'm very probably wrong. -- BSD fortune(6)
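
The quoting problem and the execvp alternative discussed in this message, as an added example that is not part of the original post or of xchat's code. It assumes the browser command template is `netscape -remote 'openURL(%s)'`, uses `printf` as a harmless stand-in for the browser, and all function names are hypothetical.

```c
#include <stdio.h>
#include <string.h>
#include <sys/wait.h>
#include <unistd.h>

static const char *SAMPLE_URL = "http://drugs.org/just/say/'`yes`'"; /* constructed sample */

/* Shell-string pattern, built but never run: 1 if the URL can close the quotes. */
int shell_quoting_broken(const char *url, char *cmd, size_t n) {
    snprintf(cmd, n, "netscape -remote 'openURL(%s)'", url); /* assumed template */
    return strchr(url, '\'') != NULL;
}

/* argv pattern: fork + execvp(), no shell involved; returns captured bytes or -1. */
long spawn_capture(char *const argv[], char *out, size_t n) {
    int fd[2];
    size_t used = 0;
    ssize_t r;
    if (n == 0 || pipe(fd) < 0) return -1;
    pid_t pid = fork();
    if (pid < 0) { close(fd[0]); close(fd[1]); return -1; }
    if (pid == 0) {
        dup2(fd[1], STDOUT_FILENO);
        close(fd[0]); close(fd[1]);
        execvp(argv[0], argv);
        _exit(127); /* reached only if execvp failed */
    }
    close(fd[1]);
    while (used + 1 < n && (r = read(fd[0], out + used, n - 1 - used)) > 0)
        used += (size_t)r;
    out[used] = '\0';
    close(fd[0]); waitpid(pid, NULL, 0);
    return (long)used;
}

/* printf(1) stands in for the browser: 1 if it got openURL(<url>) verbatim. */
int argv_delivers_verbatim(const char *url) {
    char arg[512], out[512];
    snprintf(arg, sizeof arg, "openURL(%s)", url);
    char *const argv[] = { "printf", "%s", arg, NULL };
    return spawn_capture(argv, out, sizeof out) >= 0 && strcmp(out, arg) == 0;
}

int main(void) {
    char cmd[512];
    printf("quoting broken: %d\n", shell_quoting_broken(SAMPLE_URL, cmd, sizeof cmd));
    printf("argv verbatim: %d\n", argv_delivers_verbatim(SAMPLE_URL));
    return 0;
}
```

With the argv form the quote and backtick characters arrive in the child as ordinary bytes of one argument, so no quoting rule is needed at all.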