oss-sec mailing list archives
Re: CVE Request: Multiple vulnerabilities in Centreon <= 2.5.3
From: Damien Cauquil <d.cauquil () sysdream com>
Date: Thu, 27 Nov 2014 13:09:09 +0100
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 My bad, here are the related commits for the unauthenticated remote command execution - - https://forge.centreon.com/projects/centreon/repository/revisions/015e875482d7ff6016edcca27bffe765c2bd77c1 - - https://forge.centreon.com/projects/centreon/repository/revisions/d00f3e015d6cf64e45822629b00068116e90ae4d Another commit is pending, related to the information disclosure vulnerability. Le 27/11/2014 13:03, Henri Salo a écrit :
On Thu, Nov 27, 2014 at 12:53:46PM +0100, Damien Cauquil wrote:We found two vulnerabilities in Centreon <= 2.5.3:For public CVE request you need to include at least one of: - Link to vulnerable source code or fix - Link to source code change log - Link to security advisory - Link to bug entry If you are unwilling or unable to share this information then please
contact
MITRE at cve-assign () mitre org for CVE-ID, thank you. For detailed information please see: https://people.redhat.com/kseifrie/CVE-OpenSource-Request-HOWTO.html --- Henri Salo
-----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iF4EAREIAAYFAlR3FGUACgkQem0Y8idpWLxcVwEAhDa+HvScE/cPMzK+6JuQGqIV Cj6aWLOQWqiM89o/unkA/R9cFzQwD0HxywlQ0R0ksVDFaCwrQ1wLY6rVJty2VRQJ =vtB7 -----END PGP SIGNATURE-----
Current thread:
- CVE Request: Multiple vulnerabilities in Centreon <= 2.5.3 Damien Cauquil (Nov 27)
- Re: CVE Request: Multiple vulnerabilities in Centreon <= 2.5.3 Henri Salo (Nov 27)
- Re: CVE Request: Multiple vulnerabilities in Centreon <= 2.5.3 Damien Cauquil (Nov 27)
- <Possible follow-ups>
- CVE Request: Multiple vulnerabilities in Centreon <= 2.5.3 Damien Cauquil (Nov 27)
- Re: CVE Request: Multiple vulnerabilities in Centreon <= 2.5.3 Henri Salo (Nov 27)