[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] CVE-request: MyBB 1.6 <= SQL Injection
From:       Henri Salo <henri () nerv ! fi>
Date:       2012-03-25 13:37:06
Message-ID: 20120325133706.GC17257 () kludge ! henri ! nerv ! fi
[Download RAW message or body]

On Fri, Mar 23, 2012 at 09:10:07AM -0600, Kurt Seifried wrote:
> On 03/23/2012 02:38 AM, Henri Salo wrote:
> > There was a request with same subject in here: http://seclists.org/oss-sec/2011/q1/545 \
> > (2011) 
> > I don't think this one got assigned and I couldn't find the CVE-identifier so I am \
> > requsting it again. 
> > - Henri Salo
> 
> Is there a link on the MyBB site describing this issue/update?
> 
> -- 
> Kurt Seifried Red Hat Security Response Team (SRT)

It seems that this advisory http://seclists.org/oss-sec/2011/q1/545 is false-positive. Please \
see: http://dev.mybb.com/issues/1330

#mybb in Freenode were helpful :)

Could YEHG verify this?

- Henri Salo


[prev in list] [next in list] [prev in thread] [next in thread]