Re: CVE request: weborf: directory traversal

[Josh Bressers <bressers () redhat com>]

Please use CVE-2010-3306

Thanks.

-- 
    JB

----- "Raphael Geissert" <geissert () debian org> wrote:

> Hi,
>
> A directory traversal vulnerability has been reported against weborf
> because 
> of the mitigation code is not URL encoding-aware.
>
> Reference:
> http://www.exploit-db.com/exploits/14925/
>
> Could a CVE be assigned?
>
> Regards,
> -- 
> Raphael Geissert - Debian Developer
> www.debian.org - get.debian.net