Follow @Openwall on Twitter for new release announcements and other news
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <20120325133706.GC17257@kludge.henri.nerv.fi>
Date: Sun, 25 Mar 2012 16:37:06 +0300
From: Henri Salo <henri@...v.fi>
To: oss-security@...ts.openwall.com, lists@...g.net
Cc: Kurt Seifried <kseifried@...hat.com>
Subject: Re: CVE-request: MyBB 1.6 <= SQL Injection

On Fri, Mar 23, 2012 at 09:10:07AM -0600, Kurt Seifried wrote:
> On 03/23/2012 02:38 AM, Henri Salo wrote:
> > There was a request with same subject in here: http://seclists.org/oss-sec/2011/q1/545 (2011)
> > 
> > I don't think this one got assigned and I couldn't find the CVE-identifier so I am requsting it again.
> > 
> > - Henri Salo
> 
> Is there a link on the MyBB site describing this issue/update?
> 
> -- 
> Kurt Seifried Red Hat Security Response Team (SRT)

It seems that this advisory http://seclists.org/oss-sec/2011/q1/545 is false-positive. Please see: http://dev.mybb.com/issues/1330

#mybb in Freenode were helpful :)

Could YEHG verify this?

- Henri Salo

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Confused about mailing lists and their use? Read about mailing lists on Wikipedia and check out these guidelines on proper formatting of your messages.