[Full-Disclosure] Update: iDEFENSE Security Advisory 11.19.02b: Eudora Script Execution Vulnerability

From: David Endler (dendlerat_private)
Date: Wed Nov 20 2002 - 07:39:34 PST

Next message: Silvio Cesare: "Re: [Full-Disclosure] Security Update: [CSSA-2002-050.0] Linux: tcpdump denial-of-service in print-bgp.c"

Previous message: Arab VieruZ: "XSS bug in phpBB"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

After speaking with Magnus Bodin [magnusat_private], it is clear that
he had already discovered various components of this vulnerability.  


     http://online.securityfocus.com/archive/1/262704
     http://online.securityfocus.com/archive/1/282631
     http://online.securityfocus.com/archive/1/282993
     http://online.securityfocus.com/archive/1/283018
     http://online.securityfocus.com/archive/1/287896

The CREDIT section of http://www.idefense.com/advisory/11.19.02b.txt
has been properly updated.  Thanks to Paul Szabo for bringing this to
our attention.

- -dave

David Endler, CISSP
Director, Technical Intelligence
iDEFENSE, Inc.
14151 Newbrook Drive
Suite 100
Chantilly, VA 20151
voice: 703-344-2632
fax: 703-961-1071

dendlerat_private
www.idefense.com

-----BEGIN PGP SIGNATURE-----
Version: PGPfreeware 6.5.8 for non-commercial use <http://www.pgp.com>

iQA/AwUBPdurr0rdNYRLCswqEQJCDgCg7yZDdR0VstiGp/nY6CWF0LGqoLoAn3z9
0g6PHFQ9J14WMWnSseTeO90h
=g8FT
-----END PGP SIGNATURE-----
_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

Next message: Silvio Cesare: "Re: [Full-Disclosure] Security Update: [CSSA-2002-050.0] Linux: tcpdump denial-of-service in print-bgp.c"
Previous message: Arab VieruZ: "XSS bug in phpBB"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Wed Nov 20 2002 - 08:36:31 PST