[lcdproc] LCDd Server Patches
Robin Adams
robin@adams-online.de
Wed, 12 Sep 2001 22:47:31 +0200
Hi!
David Douthitt wrote:
> As for security - if I can get access to your network, I wonder how hard
> it would be to compromise a box running LCDd on it... with the loopback
> security patch, a box running LCDd cannot be compromised via LCDd over
> the network...
Ummm...
http://www.linux-magazin.de/ausgabe/2000/07/InsecurityNews/InsecurityNews.html
page is in german, see "Listing 7: lcdproc-exploit.c"
This exploit is for lcdproc 0.4pre9. Has anybody fixed it since then? I
couldn't find anything about this security hole in the list archive.
bye,
Robin Adams
robin@adams-online.de
-----------------------------------------------------------
To unsubscribe from this list send a blank message to
lcdproc-unsubscribe@lists.omnipotent.net