Most of the links lead to the corresponding files at CERT or
other organisations. So changes take place immediately,
especially which patches should be installed or which changes
in the configuration should be made to avoid this vulnerability.
Some of the files are transferred by FTP.
By the way: If we're not publishing well-known risks
inheritant in any widely used platform or program that
doesn't mean this particular platform or program is safe
to use!
Here you find our network security search engine!
|
This is some information you send: |
|
|
Your Browser |
CCBot/1.0 (+http://www.commoncrawl.org/bot.html) |
|
Your IP address |
(no reverse DNS resolution) [38.107.191.90] |
|
Your referer |
(filtered or not existing) |
Current month, Last month, Last 10 messages, Last 20 messages (index only) | ||||||||
Chosen message with ID ae-200205-049 | ||||||||
|
|
||||||||
The uudecode utility would create an output file without checking to see if it was about to write to a symlink or a pipe. If a user uses uudecode to extract data into open shared directories, such as /tmp, this vulnerability could be used by a local attacker to overwrite files or lead to privilege escalation. Fixed packages are available now. |