On Sun, Nov 15, 2009 at 01:15:50PM +0900, Ansgar Burchardt wrote:
Hi,
I just want to mention that there are many other SQL injection bugs in
this package. The one I mentioned in the initial bug report is actually
just an example.
This is also not fixed in the new upstream release (which
Hi,
I just want to mention that there are many other SQL injection bugs in
this package. The one I mentioned in the initial bug report is actually
just an example.
This is also not fixed in the new upstream release (which is also
older than six years now).
Considering that the package is no
On Sat, Aug 01, 2009 at 03:53:05AM +0200, Ansgar Burchardt wrote:
Package: gnudip
Version: 2.1.1-4.1
Severity: grave
Tags: security
Justification: user security hole
Hi,
gnudip's web interface is vulnerable to SQL injections. If one changes
the email address to something like
3 matches
Mail list logo