oss-sec mailing list archives
CVE id request: syscp
From: Nico Golde <oss-security+ml () ngolde de>
Date: Tue, 29 Jun 2010 18:28:15 +0200
Hi, can I get a CVE id for the following issue: "today I received a mail about a severe security problem in the handling of open_basedir paths. Customers are able to add whatever path they want via the documentroot of a domain by appending a colon to it and setting the open basedir path to use that domain documentroot, not the customer root." http://www.syscp-forum.org/index.php?topic=4981.0 http://bugs.debian.org/587481 Cheers Nico
Current thread:
- CVE id request: syscp Nico Golde (Jun 29)
- Re: CVE id request: syscp Josh Bressers (Jun 30)