Linux Mandrake – licq problems

March 22, 2001

Author: JT Smith

“Versions of Licq prior to 1.0.3 have a vulnerability involving the way Licq parses received URLs. The received URLs are passed to the web browser without any sanity checking by using the system() function. Because of the lack of checks on the URL, remote attackers can pipe other commands with the sent URLs causing the client to unwillingly execute arbitrary commands. The URL parsing code has been fixed in the most recent 1.0.3 version.” Full details at Help Net Security.

Category:

Linux

RELATED ARTICLESMORE FROM AUTHOR

Maintainer Confidential: Challenges and Opportunities One Year On

Bridging Design and Runtime Gaps: AsyncAPI in Event-Driven Architecture

Implementing OpenTelemetry Natively in an Event Broker

Innovation as a Catalyst in Telecommunications

Linux 6.8 Brings More Sound Hardware Support For Intel & AMD, Including The Steam Deck

RELATED ARTICLES MORE FROM AUTHOR