Date: Mon, 20 Jan 2014 14:30:15 +0400 From: Sergey Popov <pinkbyte@...too.org> To: oss-security@...ts.openwall.com Subject: CVE request: Cantata vulnerability I would like to request CVE for vulnerability in Cantata, which allows attacker to steal valuable information from user's home directory via internal HTTP server, that are not properly handled requests and allows to download every file it has access to from host, where it runs. More details can be acquired from upstream bugreport.  - https://code.google.com/p/cantata/  - https://code.google.com/p/cantata/issues/detail?id=356 -- Best regards, Sergey Popov Gentoo developer Gentoo Desktop Effects project lead Gentoo Qt project lead Gentoo Proxy maintainers project lead Download attachment "signature.asc" of type "application/pgp-signature" (556 bytes)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ