Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Wed, 19 Feb 2014 10:08:37 +0000
From: Pedro Ribeiro <pedrib@...il.com>
To: oss-security@...ts.openwall.com
Cc: Ralf Becker <rb@...lite.de>
Subject: CVE request: remote code execution in egroupware <= 1.8.005

Hi

I have discovered a remote code execution via php unserialize in egroupware
<= 1.8.005.
Can you please assign a CVE for this vulnerability?

The full report can be obtained from my repo in
https://github.com/pedrib/PoC/raw/master/egroupware-1.8.005.txt

The changelog can be seen at http://www.egroupware.org/changelog and new
versions can be obtained from http://www.egroupware.org/download

Thanks in advance.

Regards
Pedro

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ