oss-sec mailing list archives
Re: CVE id request: slash
From: Steffen Joeris <steffen.joeris () skolelinux de>
Date: Thu, 5 Jun 2008 02:59:26 +1000
Hi
The Slashdote (also just known as Slash) vulnerability was an SQL injection. Its effect was to allow a user with no special authorization to read any information from any table the Slash site's mysql user was authorized to read (which may include other databases, including information_schema).
<snip> CVE-2008-2231 from the debian pool was allocated to this as a reference. Cheers Steffen
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- CVE id request: slash Steffen Joeris (Jun 04)
- Re: CVE id request: slash Steffen Joeris (Jun 04)