Package: osh Version: 1.7-13 Severity: critical Tags: security Justification: root security hole
http://lists.grok.org.uk/pipermail/full-disclosure/2005-August/036123.html Fully functional exploit works on debian and ubuntu: http://bokeoa.com/~core/x_osh2.pl Kind Regards, Charlie -- System Information: Debian Release: testing/unstable APT prefers testing APT policy: (500, 'testing') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.11.5 Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) Versions of packages osh depends on: ii libc6 2.3.2.ds1-22 GNU C Library: Shared libraries an ii libncurses5 5.4-9 Shared libraries for terminal hand ii logrotate 3.7-5 Log rotation utility osh recommends no packages. -- no debconf information -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
