oss-sec mailing list archives

Re: CVE request: PyForum backdoor BMSA-2009-07

From: Josh Bressers <bressers () redhat com>
Date: Tue, 26 Jul 2011 15:24:29 -0400 (EDT)

Please use CVE-2009-5025.

Thanks.

-- 
    JB

----- Original Message -----

Could I get CVE-identifier for backdoor-issue:
http://seclists.org/fulldisclosure/2009/Nov/353

Affected product: PyForum v1.0.3 (the newest available)

Other vulnerabilities affecting this version:

XSS-vulnerability:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4408
CSRF-vulnerability:
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2009-4407

Please note that the backdoor-issue is dated as 2009. I have asked
status of this issue in:
http://www.pyforum.org/pyforum/default/view_topic/631

Best regards,
Henri Salo

Current thread:

CVE request: PyForum backdoor BMSA-2009-07 Henri Salo (Jul 24)
- Re: CVE request: PyForum backdoor BMSA-2009-07 Josh Bressers (Jul 26)