Date: Sat, 24 Dec 2011 08:39:35 -0700 From: Kurt Seifried <kseifried@...hat.com> To: oss-security@...ts.openwall.com CC: Henri Salo <henri@...v.fi> Subject: Re: CVE-request 2006: Joomla Web Link Submission title Parameter SQL injection On 12/24/2011 08:05 AM, Henri Salo wrote: > Is it possible to get CVE assigned for very old Joomla-issue? > > http://osvdb.org/show/osvdb/26626 > http://secunia.com/advisories/20746/ > http://www.exploit-db.com/exploits/1922/ > http://www.securityfocus.com/archive/1/437496 > > I can see from honeypot-logs that they are still using this vulnerability. I did not yet find Joomla-references for this. If this is too old vulnerability for CVE or wrong reason please notify me. > > - Henri Salo It's never to late for a CVE! This issue doesn't appear to be CVE-2006-3481 so I guess it gets a new CVE. Please use CVE-2006-7247 for this issue. -- -Kurt Seifried / Red Hat Security Response Team
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.