Date: Thu, 4 Feb 2016 12:30:17 -0800 From: "Zach W." <kestrel@...linux.us> To: oss-security@...ts.openwall.com, cve-assign@...re.org Subject: CVE Request: Open Source Media Center insecure default config Hey all, Using several other CVEs as an example (such as http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6850), I am requesting a CVE for "OSMC: Open Source Media Center" default config. 1) Default user is osmc/osmc 2) SSH, and FTP are enabled by default, which osmc has access to 3) The interface does not require or request a password change for the default user 4) osmc has full sudoers access and can gain root access via sudo Thanks! Zach W.
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.