oss-sec mailing list archives
Fwd: CVE requests
From: larry Cashdollar <larry0 () me com>
Date: Tue, 19 Mar 2013 08:16:19 -0400
Here is my CVE request I sent to mitre. Begin forwarded message:
From: larry Cashdollar <larry0 () me com> Date: March 16, 2013, 8:40:05 AM AST To: "cve-assign () mitre org" <cve-assign () mitre org> Subject: Re: CVE requests Hi, I've been asked to assign CVEs to the following vulnerabilities. http://www.osvdb.org/show/osvdb/91232 http://www.osvdb.org/show/osvdb/91231 http://www.osvdb.org/show/osvdb/91230 Thanks again! Larry C$ On Mar 15, 2013, at 4:01 PM, cve-assign () mitre org wrote:-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1Sorry I missed one: http://osvdb.org/show/osvdb/90926Use CVE-2013-2561.I didn't see CVEs for the following issue either: http://packetstormsecurity.com/files/108462/mambocms465-permdosdisclose.txtUse CVE-2013-2562 for the storage of the cleartext MySQL database password in the document root. Use CVE-2013-2563 for the storage of the admin password hash with unsafe permissions. Use CVE-2013-2564 for the DoS. Use CVE-2013-2565 for all of the path disclosure issues.Finally, http://osvdb.org/89910 is about a reportedly fixed vulnerability in an Oracle product.Unfortunately, we still have not been able to complete our process for assigning a CVE to this type of an Oracle product vulnerability. We are continuing to pursue this and will let you know. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.11 (SunOS) iQEcBAEBAgAGBQJRQ31jAAoJEGvefgSNfHMdwdkH/0vJgMovy8W8ydyZZ6OPo6/O 9wHdQ/oKpa2KTBTyy8ojfoAD/ljAva77pQgNGimI7C02r3RwArbgFiSR7CcUodI7 +icKAATYCuX53jbBxrwhbXbYgOwW/1wg9uMFlTuuLz3EUi4MpO/ksDGgIYGCbRu8 i+MZRFCZp0p28n0Uu6Fy8Os3KXWsILtxPX+u6Su8xqWVE6yJ2yjuovB0OWXgstfD F3Ca7CUhl5yaBkzdo4hkQded4DuaOXcHqT5ScTmhhf+nrZTrx+Pho4YjkylSJ3dl Fd6MD6aI+GbRDmP1KdQsuGpB2zVW0KeHoy9QDATVNnLLKHX8/EL2n+Dv13HN9LI= =94H1 -----END PGP SIGNATURE-----
Current thread:
- Fwd: CVE requests larry Cashdollar (Mar 19)
- <Possible follow-ups>
- Fwd: CVE requests larry Cashdollar (Mar 19)