Date: Thu, 26 Nov 2009 06:41:12 +0100 From: oss-security@...itz-naumann.com To: oss-security@...ts.openwall.com Subject: Re: CVE Request - Cacti - 0.8.7e -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA512 Josh Bressers wrote: > As best as I can tell, one ID will suffice. > > Please use CVE-2009-4032. It's 4 XSS issues (one of them persistent) and 1 priviledge escalation issue. An advisory is coming to a full disclosure mailing list near you any minute. If there's a way I can make things easier for you in the future please let me know. -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.10 (GNU/Linux) iEYEAREKAAYFAksOFPgACgkQn6GkvSd/BgzjiwCfeLSgTSggcK6ilQ+RHRz+qePW LrYAnRocMkcDwWtDZ4kXsBOIO4U5qZU+ =9hsx -----END PGP SIGNATURE-----
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.