oss-sec mailing list archives
Re: Can I request a cve for pfsense regarding --> "pfSense "graph.php" Cross-Site Scripting Vulnerabilities"
From: "Steven M. Christey" <coley () linus mitre org>
Date: Mon, 6 Dec 2010 15:08:56 -0500 (EST)
The original Full-Disclosure post also mentions a number of issues that only affect pfsense 2 beta 4.
So, I've assigned CVE-2010-4412 for these other issues.
To review:
CVE-2010-4246 - graph.php (pfsense stable and 2 beta 4)
CVE-2010-4412 - pkg_edit.php, pkg.php, status_graph.php, interfaces.php
(only 2 beta 4)
- Steve
On Wed, 24 Nov 2010, Josh Bressers wrote:
----- "dave b" <db.pub.mail () gmail com> wrote:Can I request a cve for pfsense regarding --> "pfSense "graph.php" Cross-Site Scripting Vulnerabilities" http://secunia.com/advisories/42138 (the original email can be found at http://seclists.org/fulldisclosure/2010/Nov/43 ).Please use CVE-2010-4246 for this. Thanks. -- JB
Current thread:
- Can I request a cve for pfsense regarding --> "pfSense "graph.php" Cross-Site Scripting Vulnerabilities" dave b (Nov 22)
- <Possible follow-ups>
- Re: Can I request a cve for pfsense regarding --> "pfSense "graph.php" Cross-Site Scripting Vulnerabilities" Steven M. Christey (Dec 06)