Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email firstname.lastname@example.org
From: Thomas Biege (thomassuse.de)
Date: Thu May 02 2002 - 08:57:33 CDT
On Tue, 30 Apr 2002, Ernesto Fries wrote:
> Hi folks,
> there will be an update from Suse for mod_frontpage ?
No, this bug hasn't a high severity.
It could just be exploited locally and the attacker has to become wwwrun
first. Even if the attacker get's access to the victims machine and
manages to become wwwrun s/he will just get access to UID >= 100.
This bug is fixed in SuSE 8.0.
-- Thomas Biege <thomassuse.de> SuSE Linux AG,Deutschherrnstr. 15-19,90429 Nuernberg Function: Security Support & Auditing "lynx -source http://www.suse.de/~thomas/contact/thomas.asc | pgp -fka" Key fingerprint = 51 AD B9 C7 34 FC F2 54 01 4A 1C D4 66 64 09 83 -- Trete durch die Form ein, und trete aus der Form heraus.
-- To unsubscribe, e-mail: suse-security-unsubscribesuse.com For additional commands, e-mail: suse-security-helpsuse.com Security-related bug reports go to securitysuse.de, not here