Date: Tue, 19 Apr 2016 15:09:32 +0000 From: Nathan Van Gheem <vangheem@...il.com> To: "oss-security@...ts.openwall.com" <oss-security@...ts.openwall.com> Subject: CVE Request: Privilege escalation in webdav Can a CVE be assigned to this issue, please? https://plone.org/security/20160419/privilege-escalation-in-webdav A missing webdav security declaration would allow unauthorized webdav access. The relevant code is: https://plone.org/security/20150910/ The vendor credits with the discovery: Thomas Mogensen Thanks, let me know if you'd like more information. -- Nathan Van Gheem Director of Solutions Engineering Wildcard Corp
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ