[Top][All Lists]
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
GLOBAL Security Advisory
From: |
Shigio Yamaguchi |
Subject: |
GLOBAL Security Advisory |
Date: |
Thu, 05 Jun 2003 13:03:22 +0900 |
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Hello hackers,
A security hole was found in CGI program generaged by htags(1).
Please understand current situation and take a measures to meet
the situation.
[The versions which include security hole]
The following version include the security hole.
GLOBAL-4.4, 4.5, 4.5.1, 4.5.2
If you use above version and use the -f option of htags(1) with the
grep or idutils search function effective, please stop publishing
hypertext generated by htags(1), replace your GLOBAL with the fixed
version 4.5.3 and regenerate hypertext before publishing.
[The contents of the security hole]
Almost commands are world-executable by form if you publish
the hypertext generated by htags using the -f option and with
the configuration variable enable_grep or enable_idutils
specified.
If you have some questions, please mail to me (address@hidden).
Thank you for your cooporation.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)
Comment: For info see http://www.gnupg.org
iD8DBQE+3sAQPKW7s1e+3aMRAo5uAKCubOCSzf3uI2UvHCuVYEXENQzH2QCfRTNk
9vK0PbtVDAM6YoNFIF/7EuM=
=Hlea
-----END PGP SIGNATURE-----
--
Shigio Yamaguchi <address@hidden>
PGP fingerprint: D1CB 0B89 B346 4AB6 5663 C4B6 3CA5 BBB3 57BE DDA3
[Prev in Thread] |
Current Thread |
[Next in Thread] |
- GLOBAL Security Advisory,
Shigio Yamaguchi <=