oss-sec mailing list archives
Re: CVE request: egroupware before 1.8.002 various security issues
From: Hanno Böck <hanno () hboeck de>
Date: Thu, 29 Mar 2012 08:38:28 +0200
Am Wed, 28 Mar 2012 23:04:07 -0600 schrieb Kurt Seifried <kseifried () redhat com>:
On 03/28/2012 10:26 AM, Hanno Böck wrote:http://comments.gmane.org/gmane.comp.web.egroupware.german/33144 " 1. Fixes regarding security issues like 'local file inclusion', 'sql injection', 'reflected xss' and 'open redirect'. "Make a list with specific requests and information please.
Local file inclusion: http://packetstormsecurity.org/files/101676/eGroupware-1.8.001.20110421-Local-File-Inclusion.html SQL injection in 1.8.001: http://packetstormsecurity.org/files/100179/eGroupware-1.8.001-SQL-Injection.html reflected xss: http://packetstormsecurity.org/files/100180/eGroupware-1.8.001-Cross-Site-Scripting.html open redirect: http://packetstormsecurity.org/files/101675/eGroupware-1.8.001.20110421-Open-Redirect.html -- Hanno Böck mail/jabber: hanno () hboeck de GPG: BBB51E42 http://www.hboeck.de/
Attachment:
signature.asc
Description:
Current thread:
- CVE request: egroupware before 1.8.002 various security issues Hanno Böck (Mar 28)
- Re: CVE request: egroupware before 1.8.002 various security issues Kurt Seifried (Mar 28)
- Re: CVE request: egroupware before 1.8.002 various security issues Hanno Böck (Mar 28)
- Re: CVE request: egroupware before 1.8.002 various security issues Kurt Seifried (Mar 29)
- Re: CVE request: egroupware before 1.8.002 various security issues Hanno Böck (Mar 28)
- Re: CVE request: egroupware before 1.8.002 various security issues Kurt Seifried (Mar 28)