Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Wed, 25 Jan 2017 12:36:07 -0500
From: <cve-assign@...re.org>
To: <sandeepk.l337@...il.com>
CC: <cve-assign@...re.org>, <oss-security@...ts.openwall.com>
Subject: Re: Please assign CVE to PageKit Remote Password Reset Vulnerability

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

> https://securelayer7.net/download/pdf/SecureLayer7-Pentest-report-Pagekit-CMS.pdf
> https://securelayer7.net/download/poc/password-reset-vulnerability-exploit-ruby-pagekit-cms.rb.txt
> https://github.com/pagekit/pagekit/commit/e0454f9c037c427a5ff76a57e78dbf8cc00c268b

Use CVE-2017-5594.

The scope of this CVE is only SL7_PGKT_01 in the PDF.

- -- 
CVE Assignment Team
M/S M300, 202 Burlington Road, Bedford, MA 01730 USA
[ A PGP key is available for encrypted communications at
  http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1

iQIcBAEBCAAGBQJYiOF9AAoJEHb/MwWLVhi2LIUP/0lqqF1H5+610HMuNwOUtszA
4LRdcemLVhe23rF8NknoqzYrU5yn3i0L2aHA9Pr73d/8qfHorlzUuXr+MWWkWSm8
SLsNZMNtV9RvDCrHlzGgj7TTXgEIqQt9ZIT3fB60D0U1MNgJjzLdi9BjXZBj2gnV
91hcwgoSfbpG0V6STrTjOWX+kD154gfgP9V2ODE06KSDGmhW5vEGA4Zg4imB/jJW
txp7dnbnUZvNFeCB0M51XTTfh/1jUFU6zKEtIQBVhrW4XDtPr4iz8Fw4ULctIZbw
xmfQz21L6h7Lm7+4VvGSgz6bQD49Bu1DHa3aw9vujGNORvNJtlGF28ZncptrCWmM
L6k4TjiAKkmpHxi6WfoJEx8V5nChsYU1lrxBqHPe35D/GAK/wM1RmqSaTNgLRk5X
DNZ2E4aYGK5X4JBGHkVX9IZvpuJOwNyg6nlON7+xQUGBCBtAlje2K6Pog82Y2Cok
QaqBloctKTsMjV/MeX4az4g2cEUkkSW/XOGcIOdzLBwX6S+MdWI6xri6KJ9J/ArM
G1horfrsbhyBOMzNFp3egmUZ8bsLJd2u2YghkJD7Nx04wt/e+dtMn9RIm+QvgGb/
QmhuscXIb9gU4uBsIGZlJVO4XxNLrjzQ59hjEusVIXLzIEj9k3dRXNPWPGupvTqx
QQRuBMUuSrx0R/ryXHMu
=ltpz
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.