Home page logo
/

oss-sec logo oss-sec mailing list archives

Fwd: CVE requests
From: larry Cashdollar <larry0 () me com>
Date: Tue, 19 Mar 2013 08:16:19 -0400

Here is my CVE request I sent to mitre.

Begin forwarded message:

From: larry Cashdollar <larry0 () me com>
Date: March 16, 2013, 8:40:05 AM AST
To: "cve-assign () mitre org" <cve-assign () mitre org>
Subject: Re: CVE requests

Hi, I've been asked to assign CVEs to the following vulnerabilities.

http://www.osvdb.org/show/osvdb/91232
http://www.osvdb.org/show/osvdb/91231
http://www.osvdb.org/show/osvdb/91230

Thanks again!

Larry C$

On Mar 15, 2013, at 4:01 PM, cve-assign () mitre org wrote:

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Sorry I missed one:

http://osvdb.org/show/osvdb/90926

Use CVE-2013-2561.


I didn't see CVEs for the following issue either:

http://packetstormsecurity.com/files/108462/mambocms465-permdosdisclose.txt

Use CVE-2013-2562 for the storage of the cleartext MySQL database password in the document root.

Use CVE-2013-2563 for the storage of the admin password hash with unsafe permissions.

Use CVE-2013-2564 for the DoS.

Use CVE-2013-2565 for all of the path disclosure issues.


Finally, http://osvdb.org/89910 is about a reportedly fixed
vulnerability in an Oracle product.

Unfortunately, we still have not been able to complete our process for
assigning a CVE to this type of an Oracle product vulnerability. We
are continuing to pursue this and will let you know.

- -- 
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.11 (SunOS)

iQEcBAEBAgAGBQJRQ31jAAoJEGvefgSNfHMdwdkH/0vJgMovy8W8ydyZZ6OPo6/O
9wHdQ/oKpa2KTBTyy8ojfoAD/ljAva77pQgNGimI7C02r3RwArbgFiSR7CcUodI7
+icKAATYCuX53jbBxrwhbXbYgOwW/1wg9uMFlTuuLz3EUi4MpO/ksDGgIYGCbRu8
i+MZRFCZp0p28n0Uu6Fy8Os3KXWsILtxPX+u6Su8xqWVE6yJ2yjuovB0OWXgstfD
F3Ca7CUhl5yaBkzdo4hkQded4DuaOXcHqT5ScTmhhf+nrZTrx+Pho4YjkylSJ3dl
Fd6MD6aI+GbRDmP1KdQsuGpB2zVW0KeHoy9QDATVNnLLKHX8/EL2n+Dv13HN9LI=
=94H1
-----END PGP SIGNATURE-----

  By Date           By Thread  

Current thread:
  • Fwd: CVE requests larry Cashdollar (Mar 19)
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]