[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-disclosure] CYBSEC - Security Pre-Advisory: Arbitrary File Read/Delete in SAP BC

To: full-disclosure@xxxxxxxxxxxxxxxxx
Subject: Re: [Full-disclosure] CYBSEC - Security Pre-Advisory: Arbitrary File Read/Delete in SAP BC
From: "KF (lists)" <kf_lists@xxxxxxxxxxxxxxxxxxx>
Date: Wed, 15 Feb 2006 08:31:15 -0500

Thats probably not a good idea...You could end up with a situation like this:http://www.idefense.com/intelligence/vulnerabilities/display.php?id=324

-KF

3.      Running the JVM setuid root.


_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

References:
- [Full-disclosure] CYBSEC - Security Pre-Advisory: Arbitrary File Read/Delete in SAP BC
  - From: Leandro Meiners

Prev by Date: Re: [Full-disclosure] iDefense Labs Quarterly Hacking Challenge
Next by Date: [Full-disclosure] [USN-248-2] unzip regression fix
Previous by thread: [Full-disclosure] CYBSEC - Security Pre-Advisory: Arbitrary File Read/Delete in SAP BC
Next by thread: [Full-disclosure] CYBSEC - Security Pre-Advisory: Phishing Vector in SAP BC
Index(es):
- Date
- Thread