oss-sec mailing list archives
Re: CVE-request: OpenKM 5.1.7 Privilege Escalation / OS Command Execution (XSRF based)
From: Henri Salo <henri () nerv fi>
Date: Fri, 27 Apr 2012 13:33:16 +0300
On Fri, Mar 23, 2012 at 09:09:30AM -0600, Kurt Seifried wrote:
On 03/23/2012 04:00 AM, Henri Salo wrote:Can I get CVE-identifiers for these two security vulnerabilities? http://osvdb.org/show/osvdb/78105 COMPASS-2012-001 http://osvdb.org/show/osvdb/78106 COMPASS-2012-002 - Henri SaloI'm going to need some original vendor information (name, site, etc.). -- Kurt Seifried Red Hat Security Response Team (SRT)
Finally I got response from the vendor. I tried via several different ways. Now Paco Avila kindly said he will collect the information, but it will take a while. - Henri Salo
Current thread:
- Re: CVE-request: OpenKM 5.1.7 Privilege Escalation / OS Command Execution (XSRF based) Henri Salo (Apr 27)
- <Possible follow-ups>
- Re: CVE-request: OpenKM 5.1.7 Privilege Escalation / OS Command Execution (XSRF based) Henri Salo (May 04)
- Re: CVE-request: OpenKM 5.1.7 Privilege Escalation / OS Command Execution (XSRF based) Kurt Seifried (May 04)