Webserver CVS (In)Security

From: methodicat_private
Date: Sun Mar 30 2003 - 13:42:02 PST

Next message: Jeremy Junginger: "Generating Hex Numbers to brute force rs_iis.c"

Previous message: Eric Hines: "Fate Research Labs Presents: Analysis of the NTDLL.DLL Exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This is a weird one.. it's not a traditional advisory, and it's not a
traditional paper.. but it's a topic that doesn't seem to be very well
known. This affects _alot_ of people, in particular open source
websites, which seem to use CVS to manage their content more than other
people.

text/plain attachment: webserver_cvs_insecurity.txt

Next message: Jeremy Junginger: "Generating Hex Numbers to brute force rs_iis.c"
Previous message: Eric Hines: "Fate Research Labs Presents: Analysis of the NTDLL.DLL Exploit"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Tue Apr 01 2003 - 11:26:29 PST