[Secure-testing-team] [Secure-testing-commits] r7192 - data/CVE
Florian Weimer
fw at deneb.enyo.de
Fri Nov 2 09:13:07 UTC 2007
> CVE-2007-5695 (command.php in SiteBar 3.3.8 allows remote attackers to redirect users ...)
> - - sitebar <unfixed> (low; bug #448690)
> + - sitebar <unfixed> (unimportant; bug #448690)
> + NOTE: there is no real exploit scenario
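
Review bot: The added NOTE line asserts "there is no real exploit scenario" without giving the reasoning, while the entry's own description says command.php allows remote attackers to redirect users. Either state in the NOTE why that redirect is not considered exploitable, so the downgrade from low to unimportant can be checked against bug #448690, or leave the urgency at low.
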
I disagree with that assessment. Open redirectors pose at least a very
real reputation risk.