Re: Vulnerabilities in PGPMail.pl

From: Markus Bertheau (twangerat_private)
Date: Fri Dec 07 2001 - 04:13:14 PST

Next message: Secret: "kebi-Webmail Solution vulnerability (Tested)"

Previous message: Seth Arnold: "Re: Crashing X"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Fri, 2001-11-30 at 04:45, joetestaat_private wrote:
> >       # The PGP user id must be passed via command line, so make sure
> >       #     that only legal characters are present.  Fixed by Joe Testa
> >       #     (joetestaat_private).
> >       $theUserID = $CONFIG{'pgpuserid'};
> >       $theUserID =~ /([a-zA-Z0-9]+)/;
> >       $theUserID = $1;
> >       $ret_val = open (PGP, "|$pgpprog -fea +VERBOSE=0 \"$CONFIG{$theUserID}\" > $pgptmp");
must be
$ret_val = open (PGP, "|$pgpprog -fea +VERBOSE=0 \"$theUserID\" >
$pgptmp");

Markus Bertheau

application/pgp-signature attachment: stored

Next message: Secret: "kebi-Webmail Solution vulnerability (Tested)"
Previous message: Seth Arnold: "Re: Crashing X"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Sat Dec 08 2001 - 01:38:12 PST