Tag: Bugtraq

Disclosure: Greymatter Remote login/pass Disclosure

[This was originally disclosed on the Bugtraq mail list and touched up slightly for style and mirrored on attrition.org. VulnDB 4081, CVE-2002-0324.] Software: Greymatter 1.21c and earlierVulnerability: Remote administrator login/password exposureVendor Status: Notified [0] I originally saw this posted on Metafilter [1] and linked to a two line description [2]. As with many other attacks,…

February 24, 2002
Disclosure: Possible problems with ‘sudo’ package

During a recent client assessment, I discovered what I thought to be a bug in the ‘sudo’ package. After further investigating and talking with Todd C. Miller (the maintainer of ‘sudo’), I was informed that it was not a bug, but expected behavior under a default install. The reason for this post it to make…

November 18, 1998

Disclosure: Greymatter Remote login/pass Disclosure