HTTrack Website Copier
Free software offline browser - FORUM
Subject: Re: v3.42-2 security issue question.
Author: Xavier Roche
Date: 08/03/2008 12:00
> Is there any detailed information about the bug that
> was addressed in v3.42-3.

Depending on the usage, it can be a minor or important issue.

The bug only impact the commandline arg parsing, and therefore  the risk is
generally null (except if you want to attack your own machine), when using
httrack as a normal program.

However, if you generate a commandline from an external source, such as
automatic mirroring from a CGI application, or if the URL is injected by any
other external source to mirror automatically, it ca be a security risk.
Reply Create subthread

All articles

Subject Author Date
v3.42-2 security issue question.

08/01/2008 20:28
Re: v3.42-2 security issue question.

08/03/2008 12:00


Created with FORUM 2.0.11