Date: Fri, 17 Sep 2010 14:28:14 -0400 (EDT) From: Josh Bressers <bressers@...hat.com> To: oss-security@...ts.openwall.com Cc: coley <coley@...re.org> Subject: Re: CVE request: weborf: directory traversal Please use CVE-2010-3306 Thanks. -- JB ----- "Raphael Geissert" <geissert@...ian.org> wrote: > Hi, > > A directory traversal vulnerability has been reported against weborf > because > of the mitigation code is not URL encoding-aware. > > Reference: > http://www.exploit-db.com/exploits/14925/ > > Could a CVE be assigned? > > Regards, > -- > Raphael Geissert - Debian Developer > www.debian.org - get.debian.net
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ