[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE id request: slash
From: Steffen Joeris <steffen.joeris () skolelinux ! de>
Date: 2008-06-04 16:59:26
Message-ID: 200806050259.27141.steffen.joeris () skolelinux ! de
[Download RAW message or body]
Hi
> The Slashdote (also just known as Slash) vulnerability was an SQL
> injection. Its effect was to allow a user with no special authorization to
> read any information from any table the Slash site's mysql user was
> authorized to read (which may include other databases, including
> information_schema).
<snip>
CVE-2008-2231 from the debian pool was allocated to this as a reference.
Cheers
Steffen
["signature.asc" (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic