Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 20 Jan 2014 14:30:15 +0400
From: Sergey Popov <pinkbyte@...too.org>
To: oss-security@...ts.openwall.com
Subject: CVE request: Cantata vulnerability

I would like to request CVE for vulnerability in Cantata[1], which
allows attacker to steal valuable information from user's home directory
via internal HTTP server, that are not properly handled requests and
allows to download every file it has access to from host, where it runs.

More details can be acquired from upstream bugreport[2].

[1] - https://code.google.com/p/cantata/
[2] - https://code.google.com/p/cantata/issues/detail?id=356

-- 
Best regards, Sergey Popov
Gentoo developer
Gentoo Desktop Effects project lead
Gentoo Qt project lead
Gentoo Proxy maintainers project lead


[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ