oss-sec mailing list archives

Previous By Date Next
Previous By Thread Next

Re: CVE-request: SMF index.php msg parameter SQL-injection (2005)

From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 14 Sep 2012 11:29:07 -0600
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 09/14/2012 06:40 AM, Henri Salo wrote:

Hello list,

Old SQL-injection security issue in SMF does not have
CVE-identifier. Could you please assign one from year 2005,
thanks.

Affected versions: <= 1.0.4 Fixed in 1.0.5

References: http://osvdb.org/17458 
http://secunia.com/advisories/15784/

- Henri Salo ps. never too late



Can you confirm this isn't
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4159

? thanks.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://www.enigmail.net/

iQIcBAEBAgAGBQJQU2liAAoJEBYNRVNeJnmT/9oP+gI9G43TB6Yrd7XBCimfJtD2
UjrAYWk6WU/BPytajLa2aX7chgaFJBKFoTjllcWZwn2g5nQilURSjqqAS4VGc6tM
EmkQq3q1pMJP+1iylIo7NoowOvK24/2AcVCOoMdBk/U9UD/UqECUIH30HkIb2Oss
tsWjH4WbR7ASU/Iu7G0PCYEdczGHmfbOZ9Xo9LaDKp/9je4F5xSnrA+Vcc/obEkE
UfMVofyEVPbp8lJvUxH3y5A2KbwoxF9SZ/KH8N9lyDE6vDO929KBrKLEIDPHfTLG
LfDJaKfCdCDu8pDlPJIygkvvpLX1YunWL7Xeozg1uqr4GjhmM4NU2rIQeiVdZwx5
9UkJONopwjMHKO9O7ii43ScNDs4EhqaG97IF0aa1rARSU7Sn/7u8JYEW4MEqqfpE
bQuHQh+tiE5jnktkU21UWX2x+ZkRPi01PhDs98SVXAYNkWE2618lB1zzTELLRAO4
LQzwiVtENhUwyfzbSwilkJOH3kmaGrmpWRDMMc/WNO9sCkZxuRCWHWVl9TCGzsAx
FMn74Z3yDunwvA5++PJFsyk0cKU3vmaGqEQn+xM9JXnWSc0q0olJfG380LMIy+h1
61iZy+biKlVIBfYYXexeZNJKNan5b/NnHNZ/8LANBqWC2/kRM4KjdIAyJRAYhQk7
KyPJjvszZ1kXAVHQAkLk
=RNr0
-----END PGP SIGNATURE-----
Previous By Date Next
Previous By Thread Next

Current thread: