Full Disclosure mailing list archives

Re: Vulnerability in sourceforge.net

From: nicolas vigier <boklm () mars-attacks org>
Date: Fri, 23 Jul 2004 02:33:04 +0200

On Thu, 22 Jul 2004, Gregory A. Gilliss wrote:

Really...FreeBSD comes with user nobody set to /sbin/nologin out of the
box. Maybe they should have chosen a better host OS?


I think they should first think about updating the kernel (I submited a
Support request yesterday but they don't really seem to care a lot about
the security of this web server).

Linux sc8-pr-web6 2.4.20-24.9bigmem #1 SMP Mon Dec 1 11:14:38 EST 2003 i686

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Current thread:

RE: Vulnerability in sourceforge.net, (continued)
- RE: Vulnerability in sourceforge.net Andrew Poodle (Jul 21)
- Re: Vulnerability in sourceforge.net Dan Duplito (Jul 21)
  - RE: Vulnerability in sourceforge.net Todd Towles (Jul 22)
    - Re: Vulnerability in sourceforge.net Gregory A. Gilliss (Jul 22)
    - Re: Vulnerability in sourceforge.net Jedi/Sector One (Jul 22)
    - RE: Vulnerability in sourceforge.net Todd Towles (Jul 22)
    - Re: Vulnerability in sourceforge.net Anders B Jansson (Jul 22)
    - Re: Vulnerability in sourceforge.net steve menard (Jul 22)
    - Re: Vulnerability in sourceforge.net a (Jul 22)
    - Re: Vulnerability in sourceforge.net J.A. Terranson (Jul 22)
    - Re: Vulnerability in sourceforge.net nicolas vigier (Jul 22)
    - Re: Vulnerability in sourceforge.net nicolas vigier (Jul 25)
- Re: Vulnerability in sourceforge.net xedx (Jul 25)