Bug#453239: scanbuttond: CVE-2007-6131 possible symlink attack

2007-11-28 Thread Nico Golde
Hi Milan,
* Milan Zamazal <[EMAIL PROTECTED]> [2007-11-28 21:03]:
> Well, the buttonpressed.sh script is clearly intended just as a piece of
> documentation with quick tips for systems without untrusted users
> (typically home computers). A system administrator who would just
> blindly uncomment t

Bug#453239: scanbuttond: CVE-2007-6131 possible symlink attack

2007-11-28 Thread Milan Zamazal
Well, the buttonpressed.sh script is clearly intended just as a piece of documentation with quick tips for systems without untrusted users (typically home computers). A system administrator who would just blindly uncomment the examples on a server with common user accounts should better spend his

Bug#453239: scanbuttond: CVE-2007-6131 possible symlink attack

2007-11-28 Thread Tomas Hoger
Hi! From my previous mail regarding this issue sent elsewhere: This issue may not affect other vendors. From a quick look over the Debian/Ubuntu packages, they do not seem affected, as the default buttonpressed.sh script has almost all content commented out (just a template / example) and daemon d

Bug#453239: scanbuttond: CVE-2007-6131 possible symlink attack

2007-11-27 Thread Nico Golde
Package: scanbuttond
Severity: 0.2.3-4
Tags: security

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was published for scanbuttond.

CVE-2007-6131[0]:
| buttonpressed.sh in scanbuttond 0.2.3 allows local users to overwrite
| arbitrary files via a symlink attack on the (1) scan.pnm a