Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <4EF5F237.2040403@redhat.com>
Date: Sat, 24 Dec 2011 08:39:35 -0700
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Henri Salo <henri@...v.fi>
Subject: Re: CVE-request 2006: Joomla Web Link Submission title
 Parameter SQL injection

On 12/24/2011 08:05 AM, Henri Salo wrote:
> Is it possible to get CVE assigned for very old Joomla-issue?
>
> http://osvdb.org/show/osvdb/26626
> http://secunia.com/advisories/20746/
> http://www.exploit-db.com/exploits/1922/
> http://www.securityfocus.com/archive/1/437496
>
> I can see from honeypot-logs that they are still using this vulnerability. I did not yet find Joomla-references for this. If this is too old vulnerability for CVE or wrong reason please notify me.
>
> - Henri Salo
It's never to late for a CVE! This issue doesn't appear to be 
CVE-2006-3481 so I guess it gets a new CVE. Please use CVE-2006-7247 for 
this issue.

-- 

-Kurt Seifried / Red Hat Security Response Team

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.