Hi, > Version Tested: DCForum 2000 1.0 > Severity: Any remote attacker may gain read/write/execute privilleges Isn't that the same security-leak CGISecurity (http://www.CGISecurity.com/) reportet Nov 2000 about? Moreover the current version of DCForum is 6.1. The security-leak was affecting versions 1.0 - 6.0 and was patched by DCScripts on March, 31. (http://www.dcscripts.com/FAQ/sec_2001_03_31.html) Ciao, Wolfgang -- ______________________________________________________________________ Dipl. Inf. Wolfgang Wiese XWolf CGI & Webworking xwolfat_private http://www.xwolf.com ______________________________________________________________________ PGP-key: http://www.xwolf.com/public-key.txt
This archive was generated by hypermail 2b30 : Tue Apr 17 2001 - 09:19:26 PDT