Date: Thu, 4 Feb 2016 12:30:17 -0800 From: "Zach W." <kestrel@...linux.us> To: oss-security@...ts.openwall.com, cve-assign@...re.org Subject: CVE Request: Open Source Media Center insecure default config Hey all, Using several other CVEs as an example (such as http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6850), I am requesting a CVE for "OSMC: Open Source Media Center" default config. 1) Default user is osmc/osmc 2) SSH, and FTP are enabled by default, which osmc has access to 3) The interface does not require or request a password change for the default user 4) osmc has full sudoers access and can gain root access via sudo Thanks! Zach W.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ