oss-sec mailing list archives
Re: CVE id request: syscp
From: Josh Bressers <bressers () redhat com>
Date: Wed, 30 Jun 2010 15:20:22 -0400 (EDT)
----- "Nico Golde" <oss-security+ml () ngolde de> wrote:
Hi, can I get a CVE id for the following issue: "today I received a mail about a severe security problem in the handling of open_basedir paths. Customers are able to add whatever path they want via the documentroot of a domain by appending a colon to it and setting the open basedir path to use that domain documentroot, not the customer root." http://www.syscp-forum.org/index.php?topic=4981.0 http://bugs.debian.org/587481
Please use CVE-2010-2476 Thanks. -- JB
Current thread:
- CVE id request: syscp Nico Golde (Jun 29)
- Re: CVE id request: syscp Josh Bressers (Jun 30)