Date: Sat, 24 Dec 2011 08:39:35 -0700 From: Kurt Seifried <kseifried@...hat.com> To: oss-security@...ts.openwall.com CC: Henri Salo <henri@...v.fi> Subject: Re: CVE-request 2006: Joomla Web Link Submission title Parameter SQL injection On 12/24/2011 08:05 AM, Henri Salo wrote: > Is it possible to get CVE assigned for very old Joomla-issue? > > http://osvdb.org/show/osvdb/26626 > http://secunia.com/advisories/20746/ > http://www.exploit-db.com/exploits/1922/ > http://www.securityfocus.com/archive/1/437496 > > I can see from honeypot-logs that they are still using this vulnerability. I did not yet find Joomla-references for this. If this is too old vulnerability for CVE or wrong reason please notify me. > > - Henri Salo It's never to late for a CVE! This issue doesn't appear to be CVE-2006-3481 so I guess it gets a new CVE. Please use CVE-2006-7247 for this issue. -- -Kurt Seifried / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ