subject:"Bug#582587\: mydms\: Directory transversal and CSRF vulnerabilities discovered in = 1.7.2"

Bug#582587: mydms: Directory transversal and CSRF vulnerabilities discovered in = 1.7.2

2010-07-29 Thread Moritz Muehlenhoff

On Sat, May 22, 2010 at 01:18:34AM +0100, Pedro R wrote: Package: mydms Severity: grave Tags: security Justification: user security hole Hi, some rather serious security vulnerabilities have been discovered in MyDMS = 1.7.2. One of them is directory transversal and the other several

Bug#582587: mydms: Directory transversal and CSRF vulnerabilities discovered in = 1.7.2

2010-05-21 Thread Pedro R

Package: mydms Severity: grave Tags: security Justification: user security hole Hi, some rather serious security vulnerabilities have been discovered in MyDMS = 1.7.2. One of them is directory transversal and the other several cross site request forgeries. More information is here: