oss-sec mailing list archives
Re: CVE request for radicale
From: cve-assign () mitre org
Date: Thu, 7 Jan 2016 13:23:24 -0500 (EST)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256
here are for me the 3 real independent vulnerabilities reported and fixed in 1.1:
OK, we will keep the two CVE IDs already assigned in http://www.openwall.com/lists/oss-security/2016/01/06/4 and add one more CVE ID for the third issue.
3. "On MS Windows the filesystem backend allows access to the first level of files on a drive." The filesystem backend is the default storage backend. When used, it converts paths like /c:/filename/dummy to c:\filename, and allowing anybody to read/write anything anywhere, by sending requests with particular paths and contents.
Use CVE-2016-1505. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJWjqzGAAoJEL54rhJi8gl5ls8P/3X6IIeZYgpQ9bwDGeVTdPiu qkeJl0cLsikGu2+uyfSTVA5s869DUXERPHLAAVq96LJBm6uWK/w22Z+3D8QPZBqF IjfR5uMe6HMizpBEiJb2MXWBS1kcjKBOU7kJKBHbToYnJCzhX8WIPW7EG69W/d+/ K4ILFTTXwO/bZunY4wdIM08mE+LQZZEvdGTLm8roIGoorl/qC/ox0ZSWx+mmkf2p PY/KPSnIPG/4gfF+50lCtluV73fI0i1m9si6IBSlwaWA9Bij1tBrtmj+TnBCKu5n KW8nRQYwGK6WKh9xZ87fxavRh7jnrwWUYNGpK/NC11DANGa9PLkz4w/oufEm3G00 4Zxd7orjvO81bD3UHiv8hYPEAHtkqBxyoDItctR+yZ0owFDd/EbrIie9yPGheeW8 EgosX7xs5nQ/YNIip2FdGZvS+kjhMvf0O/teO6exdMGlPv1UnFwCl67XyRbp8qt3 +8kaEzAgib84Jg/jEvE353MJ+kHS0FJaA6GI282lRC13OZfLVqi621KXr7xVqstD WCb0wOza2tCsmcE3nvMqmqKpIrWk+O5MPtcq5yXmpQV/LonJIqF5gQUcrW0iKEdM LFrSp20MgnrX31nRSlSvNiTijcZBCPqgi+yBhuFLbtYs95YAlLhXen7oB53NF8zn YEwGYy/Oa476zqRq3/FP =SRvk -----END PGP SIGNATURE-----
Current thread:
- CVE request for radicale Yves-Alexis Perez (Jan 05)
- Re: CVE request for radicale cve-assign (Jan 06)
- <Possible follow-ups>
- Re: CVE request for radicale Guillaume Ayoub (Jan 06)
- Re: CVE request for radicale cve-assign (Jan 07)