Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1307983372.28614@webmin.com>
Date: Mon, 13 Jun 2011 09:42:52 -0700 (PDT)
From: "Jamie Cameron" <jcameron@...min.com>
To: Henri Salo <henri@...v.fi>
Cc: oss-security@...ts.openwall.com, webadmin-devel@...ts.sourceforge.net, javierbassi@...il.com
Subject: Re: CVE-request: XSS in Webmin 1.540

On 13/Jun/2011 06:40 Henri Salo <henri@...v.fi> wrote ..
> Hi,
> 
> I would like to receive CVE-identifier for this issue in Webmin. References:
> 
> http://seclists.org/fulldisclosure/2011/Apr/393
> 
> Javier Bassi told me that the Bugtraq ID is 47558. Couldn't find this from OSVDB.
> Fixed in commit: https://github.com/webmin/webmin/commit/46e3d3ad195dcdc1af1795c96b6e0dc778fb6881
> which is included to Webmin 1.550 release.
> 
> Should be 2011 identifier.

There is no CVE for this - the original submitter Javier had trouble obtaining one.

Actually, I have no idea where CVEs come from either!

 - Jamie

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.