Visit our newest sister site!
Hundreds of free aircraft flight manuals
Civilian • Historical • Military • Declassified • FREE!


TUCoPS :: Linux :: Apps N-Z :: tclpro1.htm

TclPro Debugger beta release 1 & 2 - vulnerable to attacks



Vulnerability

    TclPro Debugger

Affected

    TclPro Debugger beta release 1 & 2

Description

    The  1.0  beta  1  &  1.0  beta  2 releases of the TclPro Debugger
    contain  a  security  hole.  A  bug  in  those  releases makes the
    debugger vulnerable to malicious attacks on the port the  debugger
    listens  on  for  connections  with  Tcl  applications.   This was
    reported by Ray Johnson.

Solution

    It is suggested  that  if  you  are  currently using either TclPro
    Debugger beta 1 or beta 2 that you stop using it and download  the
    beta 3 version of TclPro Debugger. The beta 3 release contains  no
    known  security  related  bugs.   As  with  any  beta software, we
    recommend that you never run  the debugger as root or  on machines
    that are critical to your environment.


TUCoPS is optimized to look best in Firefox® on a widescreen monitor (1440x900 or better).
Site design & layout copyright © 1986-2014 AOH