Threat Level: green Handler on Duty: Didier Stevens

SANS ISC: InfoSec Handlers Diary Blog - Internet Storm Center Diary 2004-03-02 InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

WFTPD Patch available, Dell Open Manager vulnerability

Published: 2004-03-02
Last Updated: 2004-03-03 04:44:33 UTC
by Deborah Hale (Version: 1)
0 comment(s)



Texas Imperial Software has made the patch available for the WFTPD vulnerability.


For unregistered users , the link is


http://www.wftpd.com/downloads.htm .



For registered users, you should use the same web site, along with the

user name and password that was emailed to you last September for the

or emailed to you with the software when you purchased it.




Dell Open Manager Vulnerability


A critical security hole in Dell OpenManage server could leave the

product open to attack by an unauthorized user.

The vulnerability is due to a boundary error in the Web server when

handling certain HTTP POST requests. POST is an extremely common HTML

method of processing forms but can be exploited by sending a message with
a hidden but extremely long variable to cause a heap overflow.




http://www.techworld.com/news/index.cfm?fuseaction=displaynews&NewsID=1115








Deb Hale

haled@pionet.net

Keywords:
0 comment(s)
Diary Archives