Prev-20 Home Next-20 1 msg Choose the quote that matches your financial needs 2 msg about install --reinstall for overwriting possi... 1 msg dhcp delivered subnet broadcast address: 255.25... 1 msg Hey remember i told you about this Madeleine Re: [SECURITY] [DSA 717-1] New lsh packages fix... \ Jerome Lacoste (30 Apr 2005) 5 msg how to display the SSHd fingerprint 1 msg Re: [SECURITY] [DSA 719-1] New prozilla package... 19 msg Fixing stupid PHP application design flaws 3 msg Dns refresh 1 msg FROM MR. PAUL . 3 msg FIle access auditing 1 msg Re: [SECURITY] [DSA 715-1] New cvs packages fix... 1 msg Time may be running out -apx 1 msg Cordula Sonnhalter heute nicht im Haus : [SECUR... 1 msg Hi, everyone 2 msg sshd: Disable PAM if you do not want to use pas... 2 msg Re: [SECURITY] [DSA 713-1] New junkbuster packa... 1 msg Snort log stuff 3 msg slocate 2.6-1.3.3 fails to install 1 msg DoS vulnerability in postgrey - fixed, upgraded... Prev-20 Home Next-20

Prev-Msg Prev-Thread Debian-security Apr-2005 Next-Thread Next-Msg Subject: Re: [SECURITY] [DSA 717-1] New lsh packages fix severalvulnerabilities Group: Debian-security From: Jerome Lacoste Date: 30 Apr 2005 Hi, > CAN-2003-0826 > > Bennett Todd discovered a heap buffer overflow in lshd which could > lead to the execution of arbitrary code. This vulnerability was reported 18 months ago. Is it possible to know: - why it wasn't fixed in the meantime -how it was found out it hadn't been done? If Debian was the only distrib late, should I consider this security status Debian specific? Jerome -- To UNSUBSCRIBE, email to debian-security-REQUEST with a subject of "unsubscribe". Trouble? Contact listmaster Prev-Msg Prev-Thread Debian-security Apr-2005 Next-Thread Next-Msg

© 2004-2008 readlist.com