On Thursday 04 October 2007, Daniel-Constantin Mierla wrote: > Revision: 2852 > http://openser.svn.sourceforge.net/openser/?rev=2852&view=rev > Author: miconda > Date: 2007-10-04 06:22:45 -0700 (Thu, 04 Oct 2007) > > Log Message: > ----------- > - new PV: $adu - auth digest uri - the uri from auth credentials > - useful to tighten the security checks (can be now compared with To/R-URI > to see if it is intended destination used to compose the digest response) - > reported by Radu State
Some further informations for the archives: This is the issue described in CVE-2007-5469: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-5469? More explanations: http://lists.grok.org.uk/pipermail/full-disclosure/2007-October/066581.html Cheers, Henning _______________________________________________ Devel mailing list Devel@openser.org http://openser.org/cgi-bin/mailman/listinfo/devel
