Re: [Nolug] [bugtraq] Openoffice 1.1.0 DoS

From: mikey_at_otiscorp.com
Date: Fri, 10 Oct 2003 10:40:14 -0400 (EDT)
Message-ID: <2026.192.168.1.1.1065796814.squirrel@mail.otiscorp.com>

> On Thu, 2003-10-09 at 19:39, Mark A. Hershberger wrote:
>> More vulnerable Open Source Software.
>
> The fact that it is "Severity : Low" tells us a lot. After all,
> StarOffice will still work in "regular" mode.

Does anyone know if this affects non-windows versions? I can't find
anything saying it does.

>> When enabling remote access (UNO) to OpenOffice,
>> it opens a port (default 8100). This is done typically with
>> the following command:
>>
>> C:\Programme\oo1.1.0\program> soffice
>> "-accept=socket,host=<ip>,port=8100;urp;"

Of course this applies to remote access and there's -always- going to be
some 'sploit waiting to be discovered with that.

--
Since-beer-leekz,
Mikey   http://raeder.us
Unix Mercenary-We're not happy until you're not happy
___________________
Nolug mailing list
nolug@nolug.org
Received on 10/10/03

This archive was generated by hypermail 2.2.0 : 12/19/08 EST