OSEC

Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com
 
From: Marcello Magnifico [fabbricadigitale] (m.magnificofabbricadigitale.it)
Date: Mon Mar 11 2002 - 02:38:09 CST

  • Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

    Hello,
        Stefan Frings' SMStools have a couple of string format
    vulnerabilities affecting many old releases. Impact involves arbitrary
    command injection and execution with the privileges of the user running
    'smsd'. Release 1.4.8 (current) is fixing both vulnerabilities, while
    1.4.7 fixes the most trivial one. All SMStools users should upgrade to
    1.4.8 as soon as possible.
    See http://www.isis.de/members/~s.frings/smstools/ for details and download.

        C U,
        Marcello Magnifico