Date: Wed, 19 Feb 2014 10:08:37 +0000 From: Pedro Ribeiro <pedrib@...il.com> To: oss-security@...ts.openwall.com Cc: Ralf Becker <rb@...lite.de> Subject: CVE request: remote code execution in egroupware <= 1.8.005 Hi I have discovered a remote code execution via php unserialize in egroupware <= 1.8.005. Can you please assign a CVE for this vulnerability? The full report can be obtained from my repo in https://github.com/pedrib/PoC/raw/master/egroupware-1.8.005.txt The changelog can be seen at http://www.egroupware.org/changelog and new versions can be obtained from http://www.egroupware.org/download Thanks in advance. Regards Pedro
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ