[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE id request: syscp
From: Josh Bressers <bressers () redhat ! com>
Date: 2010-06-30 19:20:22
Message-ID: 1478872270.1642731277925622871.JavaMail.root () zmail01 ! collab ! prod ! int ! phx2 ! redhat ! com
[Download RAW message or body]
----- "Nico Golde" <oss-security+ml@ngolde.de> wrote:
> Hi,
> can I get a CVE id for the following issue:
> "today I received a mail about a severe security problem in
> the handling of open_basedir paths. Customers are able to
> add whatever path they want via the documentroot of a domain
> by appending a colon to it and setting the open basedir path
> to use that domain documentroot, not the customer root."
>
> http://www.syscp-forum.org/index.php?topic=4981.0
> http://bugs.debian.org/587481
>
Please use CVE-2010-2476
Thanks.
--
JB
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic