oss-sec mailing list archives

CVE request: DBMail <2.2.9

From: Matthias Geerdsen <vorlon () gentoo org>
Date: Thu, 17 Apr 2008 22:18:01 +0200

Hi,

could we get a CVE for the following issue?

From the dbmail changelog <http://dbmail.org/index.php?page=news&id=44>:
Bugs fixed since 2.2.8:
[...]

0000662: [Authentication layer] Ability to bypass authentication onActive Directory

[...]

bug report:<http://www.mail-archive.com/dbmail-dev () dbmail org/msg09942.html>


patch:
<http://git.dbmail.eu/?p=paul/dbmail;a=commitdiff;h=5a4458b9f4b1a1453e35a1c5674c2253b9d00138>


--
Matthias Geerdsen
vorlon () gentoo org

Gentoo Linux Security Team
http://security.gentoo.org

Attachment: signature.asc
Description: OpenPGP digital signature

Current thread:

CVE request: DBMail <2.2.9 Matthias Geerdsen (Apr 17)
- Re: CVE request: DBMail <2.2.9 Steven M. Christey (Apr 17)