Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Sun, 15 Jan 2012 17:58:06 +0200
From: Henri Salo <henri@...v.fi>
To: oss-security@...ts.openwall.com
Subject: CVE-request: NGS00109 remote code execution in ImpressPages CMS

This issue does not have CVE assigned. If I am correct this needs CVE from 2011 pool as original advisory was done in http://seclists.org/bugtraq/2011/Sep/156 but details came in http://seclists.org/bugtraq/2012/Jan/28

Vendor url: http://www.impresspages.org/news/impresspages-1-0-13-security-release/
Secunia: http://secunia.com/advisories/46193/
OSVDB: http://osvdb.org/show/osvdb/75783

eval() is evil()

- Henri Salo

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ