[30047] in bugtraq
Re: youbin local root exploit + advisory
daemon@ATHENA.MIT.EDU (Jeremy C. Reed)
Tue May 6 14:36:34 2003
Date: Tue, 6 May 2003 10:05:58 -0700 (PDT)
From: "Jeremy C. Reed" <reed@reedmedia.net>
To: bugtraq@securityfocus.com
In-Reply-To: <005001c313c9$4aee95d0$24029dd9@tuborg>
Message-ID: <Pine.LNX.4.43.0305060955150.1090-100000@pilchuck.reedmedia.net>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=X-UNKNOWN
Content-Transfer-Encoding: 8bit
On Tue, 6 May 2003, [iso-8859-1] Knud Erik Højgaard wrote:
> 5/5/03 - FreeBSD port maintainer notified
> 5/5/03 - FreeBSD port maintainer replies, bug is known, apparently no fix
> is planned at the moment
What about notifying the original developer?
What was the developer's response?
> 6/5/03 - public disclosure
At least you got FreeBSD to now mark it as FORBIDDEN. (Maybe submitting a
FreeBSD problem report would have gotten this done earlierr; I didn't find
one.)
What about Debian? And others that provide youbin?
Jeremy C. Reed
http://bsd.reedmedia.net/
