EUVD-2008-4092

Malware in sbrugna...

Enemies of Carlotta Shell参数命令执行漏洞

Enemies of Carlotta是一款简单的邮件列表管理器。 Enemies of Carlotta在处理用户参数时存在漏洞，攻击者可能利用此漏洞在用户机器上执行任意命令。 在被用作其他应用程序的shell参数之前，Enemies of Carlotta没有正确地过滤SMTP级的邮件地址，允许远程攻击者在邮件地址中嵌入shell元字符导致执行任意命令。 Lars Wirzenius Enemies of Carlotta 1.2.3 Debian已经为此发布了一个安全公告（DSA-1236-1）以及相应补丁: DSA-1236-1：New enemies-of-carlotta...

[SECURITY] [DSA-004-1] nano symlink attack

Package : nano Problem type : symlink attack Debian-specific: no The problem that was previously reported for joe also occurs with other editors. When nano a free pico clone unexpectedly dies it tries a warning message to a new file with a predictable name the name of the file being edited with...