oss-security - Re: CVE request: tikiwiki

Openwall Project		/home Owl JtR Pro crypt pam_passwdqc tcb phpass scanlogd popa3d msulogin / Linux BIND / advisories presentations / services donations / wordlists passwords / news community lists wiki CVSweb mirrors signatures
bringing security into open environments

Password Recovery Resources on the Net

[<prev] [next>] [<thread-prev] [month] [year] [list]

Date: Wed, 3 Dec 2008 12:48:24 -0500 (EST)
From: "Steven M. Christey" <coley@...us.mitre.org>
To: oss-security@...ts.openwall.com
cc: "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE request: tikiwiki < 2.2

======================================================
Name: CVE-2008-5318
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5318
Reference: CONFIRM:http://info.tikiwiki.org/tiki-read_article.php?articleId=41
Reference: CONFIRM:http://tikiwiki.svn.sourceforge.net/viewvc/tikiwiki/branches/2.0/changelog.txt?view=markup
Reference: OSVDB:50058
Reference: URL:http://www.osvdb.org/50058
Reference: SECUNIA:32341
Reference: URL:http://secunia.com/advisories/32341

Unspecified vulnerability in Tikiwiki before 2.2 has unknown impact
and attack vectors related to "size of user-provided input," a
different issue than CVE-2008-3653.

======================================================
Name: CVE-2008-5319
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-5319
Reference: CONFIRM:http://info.tikiwiki.org/tiki-read_article.php?articleId=41
Reference: CONFIRM:http://tikiwiki.svn.sourceforge.net/viewvc/tikiwiki/branches/2.0/changelog.txt?view=markup
Reference: OSVDB:50058
Reference: URL:http://www.osvdb.org/50058
Reference: SECUNIA:32341
Reference: URL:http://secunia.com/advisories/32341

Unspecified vulnerability in Tikiwiki before 2.2 has unknown impact
and attack vectors related to tiki-error.php, a different issue than
CVE-2008-3653.

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.