Date: Mon, 6 Dec 2010 15:08:56 -0500 (EST) From: "Steven M. Christey" <coley@...us.mitre.org> To: oss-security@...ts.openwall.com Subject: Re: Can I request a cve for pfsense regarding --> "pfSense "graph.php" Cross-Site Scripting Vulnerabilities" The original Full-Disclosure post also mentions a number of issues that only affect pfsense 2 beta 4. So, I've assigned CVE-2010-4412 for these other issues. To review: CVE-2010-4246 - graph.php (pfsense stable and 2 beta 4) CVE-2010-4412 - pkg_edit.php, pkg.php, status_graph.php, interfaces.php (only 2 beta 4) - Steve On Wed, 24 Nov 2010, Josh Bressers wrote: > ----- "dave b" <db.pub.mail@...il.com> wrote: > >> Can I request a cve for pfsense regarding --> "pfSense "graph.php" >> Cross-Site Scripting Vulnerabilities" >> >> http://secunia.com/advisories/42138 >> (the original email can be found at >> http://seclists.org/fulldisclosure/2010/Nov/43 ). > > Please use CVE-2010-4246 for this. > > Thanks. > > -- > JB >
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ