[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: sharutils: pending release of 4.6.3

From: Santiago Vila
Subject: Re: sharutils: pending release of 4.6.3
Date: Thu, 18 May 2006 02:02:32 +0200 (CEST)

On Wed, 17 May 2006, Pavel Roskin wrote:

> "If an attacker can convince a user to invoke uudecode on a malicious
> file without reviewing the included file name, the attacker can cause
> the user to overwrite any file accessible by the user."

Hmm, this is similar to http://bugs.debian.org/149454.

Isn't this a feature more than a bug?

reply via email to

[Prev in Thread] Current Thread [Next in Thread]