Re: CVE id request: slash

[Steffen Joeris <steffen.joeris () skolelinux de>]

Hi

> The Slashdote (also just known as Slash) vulnerability was an SQL
> injection. Its effect was to allow a user with no special authorization to
> read any information from any table the Slash site's mysql user was
> authorized to read (which may include other databases, including
> information_schema).
<snip>

CVE-2008-2231 from the debian pool was allocated to this as a reference.

Cheers
Steffen

Attachment: signature.asc
Description: This is a digitally signed message part.