Re: IBM AS/400 HTTP Server '/' attack

From: Thorat_private
Date: Thu Nov 08 2001 - 14:03:54 PST

Next message: aleph1at_private: "Extracting a 3DES key from an IBM 4758"

Previous message: bugzillaat_private: "[RHSA-2001:147-09] remote exploit possible in lpd"
Maybe in reply to: 'ken'@FTU: "IBM AS/400 HTTP Server '/' attack"
Next in thread: Mike Turk: "Re: IBM AS/400 HTTP Server '/' attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1


 > Since I reported this "non-security" bug so long ago I hope it is fixed
 > through the regular set of changes. I cannot confirm this bug was fixed.
 > As far as I know this vulnerability was not yet reported to the public.

JD Glaser and Saumil Shah (Foundstone) covered this in their Blackhat 
Session in Hong Kong.  I would think that the materials would be on the 
Blackhat site (www.blackhat.com) at this point if you wanted to check them out.

AD

-----BEGIN PGP SIGNATURE-----
Version: PGP 7.1

iQA/AwUBO+sBSohsmyD15h5gEQKKBQCgrMT7uTCR0JYv47L1SzSb7/lA1cUAoMGq
91VNuoD4NNYuB2Vp080Fh4nI
=7ZNB
-----END PGP SIGNATURE-----

Next message: aleph1at_private: "Extracting a 3DES key from an IBM 4758"
Previous message: bugzillaat_private: "[RHSA-2001:147-09] remote exploit possible in lpd"
Maybe in reply to: 'ken'@FTU: "IBM AS/400 HTTP Server '/' attack"
Next in thread: Mike Turk: "Re: IBM AS/400 HTTP Server '/' attack"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Thu Nov 08 2001 - 23:19:29 PST