CNET News: Danger Level Rises for Perl App Flaws
Nov 30, 2005, 17:30 (2 Talkback[s])
(Other stories by Joris Evers)
WEBINAR: On-demand Event
Replace Oracle with the NoSQL Engagement Database: Why and how leading companies are making the switch REGISTER >
[ Thanks to Zack Aston for this link.
"A type of security flaw in Perl applications that experts
thought could lead only to a denial-of-service attack is now
believed to be much more serious.
"Dyad Security on Tuesday warned of a so-called 'format string
vulnerability' in Webmin, a Web-based administration utility
written in Perl. An attacker could gain complete control over a
server running the vulnerable software by exploiting this 'new
class' of flaw, the security research company said in an