subject:"Bug#504170\: CVE\-2008\-4796\: missing input sanitising in Snoopy.class.php"

Bug#504170: CVE-2008-4796: missing input sanitising in Snoopy.class.php

2008-11-01 Thread Nigel McNie

On Sat, Nov 01, 2008 at 10:11:56PM +1100, Steffen Joeris wrote: > Package: mahara > Severity: grave > Tags: security, patch > Justification: user security hole > > Hi, > the following CVE (Common Vulnerabilities & Exposures) id was > published for mahara. > > CVE-2008-4796[0]: > | The _httpsreque

Bug#504170: CVE-2008-4796: missing input sanitising in Snoopy.class.php

2008-11-01 Thread Steffen Joeris

Package: mahara Severity: grave Tags: security, patch Justification: user security hole Hi, the following CVE (Common Vulnerabilities & Exposures) id was published for mahara. CVE-2008-4796[0]: | The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 | and earlier allows remote atta