oss-sec mailing list archives
Re: CVE request: OSClass directory traversal vulnerability
From: Kurt Seifried <kseifried () redhat com>
Date: Mon, 02 Apr 2012 11:45:12 -0600
On 04/02/2012 10:42 AM, Filippo Cavallarin wrote:
On 2 Apr 2012, at 5:53 PM, Kurt Seifried wrote:On 04/02/2012 01:59 AM, Filippo Cavallarin wrote:Hello, Can i get a CVE identifier for this issue: http://www.codseq.it/advisories/osclass_directory_traversal_vulnerability Thanks Filippo Cavallarin C o d S e q Development with an eye on security ------------------------------------------------------------------------ Castello 2005, 30122 Venezia Tel: 041 88 761 58 - Fax: 041 81 064 714 - Cell: 346 66 93 254 c.f. CVLFPP82B27L736J - p.iva 03737650279 http://www.codseq.it - filippo.cavallarin () codseq itPlease provide links to the original vendor advisory/ChangeLog/commits/etc. -- Kurt Seifried Red Hat Security Response Team (SRT)The changelog can be found here http://osclass.org/blog/ Filippo Cavallarin
The actual blog entry: http://osclass.org/blog/2012/03/05/osclass-2-3-6/ doesn't mention anything about directory traversal. Do you have a link on their site, or the commit showing the problem or the fix? -- Kurt Seifried Red Hat Security Response Team (SRT)
Current thread:
- CVE request: OSClass directory traversal vulnerability Filippo Cavallarin (Apr 02)
- Re: CVE request: OSClass directory traversal vulnerability Kurt Seifried (Apr 02)
- Re: CVE request: OSClass directory traversal vulnerability Filippo Cavallarin (Apr 02)
- Re: CVE request: OSClass directory traversal vulnerability Kurt Seifried (Apr 02)
- Re: CVE request: OSClass directory traversal vulnerability Henri Salo (Apr 03)
- Re: CVE request: OSClass directory traversal vulnerability Kurt Seifried (Apr 04)
- Re: CVE request: OSClass directory traversal vulnerability Filippo Cavallarin (Apr 02)
- Re: CVE request: OSClass directory traversal vulnerability Kurt Seifried (Apr 02)