Date: Tue, 19 Mar 2013 08:16:19 -0400 From: larry Cashdollar <larry0@...com> To: oss-security@...ts.openwall.com Subject: Fwd: CVE requests Here is my CVE request I sent to mitre. Begin forwarded message: > From: larry Cashdollar <larry0@...com> > Date: March 16, 2013, 8:40:05 AM AST > To: "cve-assign@...re.org" <cve-assign@...re.org> > Subject: Re: CVE requests > > Hi, I've been asked to assign CVEs to the following vulnerabilities. > > http://www.osvdb.org/show/osvdb/91232 > http://www.osvdb.org/show/osvdb/91231 > http://www.osvdb.org/show/osvdb/91230 > > Thanks again! > > Larry C$ > > On Mar 15, 2013, at 4:01 PM, cve-assign@...re.org wrote: > >> -----BEGIN PGP SIGNED MESSAGE----- >> Hash: SHA1 >> >>> Sorry I missed one: >>> >>> http://osvdb.org/show/osvdb/90926 >> >> Use CVE-2013-2561. >> >> >>> I didn't see CVEs for the following issue either: >>> >>> http://packetstormsecurity.com/files/108462/mambocms465-permdosdisclose.txt >> >> Use CVE-2013-2562 for the storage of the cleartext MySQL database password in the document root. >> >> Use CVE-2013-2563 for the storage of the admin password hash with unsafe permissions. >> >> Use CVE-2013-2564 for the DoS. >> >> Use CVE-2013-2565 for all of the path disclosure issues. >> >> >>> Finally, http://osvdb.org/89910 is about a reportedly fixed >>> vulnerability in an Oracle product. >> >> Unfortunately, we still have not been able to complete our process for >> assigning a CVE to this type of an Oracle product vulnerability. We >> are continuing to pursue this and will let you know. >> >> - -- >> CVE assignment team, MITRE CVE Numbering Authority >> M/S M300 >> 202 Burlington Road, Bedford, MA 01730 USA >> [ PGP key available through http://cve.mitre.org/cve/request_id.html ] >> -----BEGIN PGP SIGNATURE----- >> Version: GnuPG v1.4.11 (SunOS) >> >> iQEcBAEBAgAGBQJRQ31jAAoJEGvefgSNfHMdwdkH/0vJgMovy8W8ydyZZ6OPo6/O >> 9wHdQ/oKpa2KTBTyy8ojfoAD/ljAva77pQgNGimI7C02r3RwArbgFiSR7CcUodI7 >> +icKAATYCuX53jbBxrwhbXbYgOwW/1wg9uMFlTuuLz3EUi4MpO/ksDGgIYGCbRu8 >> i+MZRFCZp0p28n0Uu6Fy8Os3KXWsILtxPX+u6Su8xqWVE6yJ2yjuovB0OWXgstfD >> F3Ca7CUhl5yaBkzdo4hkQded4DuaOXcHqT5ScTmhhf+nrZTrx+Pho4YjkylSJ3dl >> Fd6MD6aI+GbRDmP1KdQsuGpB2zVW0KeHoy9QDATVNnLLKHX8/EL2n+Dv13HN9LI= >> =94H1 >> -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ