[MBT] new entry in pkg mc "allows remote attackers to execute arbitrary code during symlink conversion"
bugs at pld-linux.org
bugs at pld-linux.org
Wed Jan 28 18:05:46 CET 2004
Date: 2004-01-28 18:05:45+01 Author: (kreutzm) <kreutzm at itp.uni-hannover.de>
Title: allows remote attackers to execute arbitrary code during symlink conversion
Ticket ID: #815
Ticket URL: http://bugs.pld-linux.org/?bug=815
Package: mc-1:4.5.55-10
Distribution: PLD-1.0.main
Category: security problem
Current state: opened
Text:
PLD is indeed vulnerable. A demonstration can be found on
buggzy.narod.ru/exp.tgz
*** State changed to 'opened'
More information about the pld-bugs
mailing list