Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Thu, 16 Sep 2010 20:45:04 -0500
From: Raphael Geissert <geissert@...ian.org>
To: oss-security@...ts.openwall.com
Subject: CVE request: weborf: directory traversal

Hi,

A directory traversal vulnerability has been reported against weborf because 
of the mitigation code is not URL encoding-aware.

Reference:
http://www.exploit-db.com/exploits/14925/

Could a CVE be assigned?

Regards,
-- 
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net


Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ