oss-sec mailing list archives
CVE id request: ftpd
From: Steffen Joeris <steffen.joeris () skolelinux de>
Date: Mon, 29 Sep 2008 20:22:16 +1000
Hi There seems to be a Cross-site request forgery[0] in ftpd. Upstream used these patches[1][2] to address the issue. There are also two Debian Bugreports[3][4] for this issue. Could I please get a CVE id for this? Cheers Steffen [0]: http://lists.grok.org.uk/pipermail/full-disclosure/2008-September/064697.html [1]: http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpcmd.y.diff?r1=1.50&r2=1.51&f=h [2]: http://www.openbsd.org/cgi-bin/cvsweb/src/libexec/ftpd/ftpcmd.y.diff?r1=1.51&r2=1.52&f=h [3]: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500518 [4]: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=500278
Attachment:
signature.asc
Description: This is a digitally signed message part.
Current thread:
- CVE id request: ftpd Steffen Joeris (Sep 29)
- Re: CVE id request: ftpd Robert Buchholz (Sep 29)
- Re: CVE id request: ftpd Steven M. Christey (Sep 30)
- <Possible follow-ups>
- Re: CVE id request: ftpd Josh Bressers (Sep 30)
- Re: CVE id request: ftpd Steven M. Christey (Sep 30)