oss-sec mailing list archives

Re: CVE Request: ownCloud security bypass on admin page

From: Kurt Seifried <kseifried () redhat com>
Date: Thu, 28 Nov 2013 00:41:14 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 11/28/2013 12:13 AM, Murray McAllister wrote:

Hello,

ownCloud 5.0.13 fixes a security issue:

http://owncloud.org/changelog/ SECURITY: Fix a possible security
bypass on admin page under certain circumstances and MariaDB

Can a CVE please be assigned?

Thanks,

-- Murray McAllister / Red Hat Security Response Team


Please use CVE-2013-6403  for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.15 (GNU/Linux)

iQIcBAEBAgAGBQJSlvOaAAoJEBYNRVNeJnmTp9IQAJoZwJce6cUwF3Jr/Xx8atOL
ZiJJvU7Faq+xCGjBG1RTZPRnDt0GhzWparlCvXC4H96yDUFk5tQIpUzVKwvbgA2P
TKMUKwIdEh6cIBJz1ltj5MaeeY5JXXz4bwaM4WrDgy+0VUPArsVgHdBCP/6WCNz0
BgeY5jfs1reh4pkB39qpLQ0xUab/wt2GzcVTpWznIRy9wvk5tmKmyZ6vyTKj0gvn
YvXOJ0wNFnAaSLb2WCCLsV4J4f8JvIhuT2UQXaS3lgl7q3MDH4ijZ0dDgDWErZFu
2JNzLc/WT2L/T+/puIzuutmRDDgbkW4AjMPiWk0vetXuzPTknMtux7FwEVVKHawV
Td9Ld/pYllJstA0eHu3EvWn3PD9DjNzkcYNeuSby3wAw0FGBBFcYhzuFyJhbdemb
WQ4SakWAsFCRFPNum6BE1tVesVt6ALWggnkxZ8VZGWlCTB/xGK2tSKEddd/aI6rf
f8DnDh1lTpCJOJWoWdS7j/CwJH7BfbBj0cqpXqaXSbQswCsc9lOikrLKZr56ldJx
LDPuDepD6YdpM2mlS8I/tYx8Hp3ivKKaF7whrDq9nKp1E1gz+w7SuQHmOyiQs5nA
O2vnKYTxFPUrjutEdWCmdykcAPPJ486YFxnBjbnVJcrO8uxNQ6jmGlGYXGcKvpA2
kEsafw/0LMjMCkUwsjY7
=FBGe
-----END PGP SIGNATURE-----

Current thread:

CVE Request: ownCloud security bypass on admin page Murray McAllister (Nov 27)
- Re: CVE Request: ownCloud security bypass on admin page Kurt Seifried (Nov 27)