Name: Anonymous 2010-07-20 16:36
mlmmj? How much weed they had smoke to get a silly name like this?
------------------------------------------------------------------------
Debian Security Advisory DSA-2073-1 security@debian.org
http://www.debian.org/security/ Thijs Kinkhorst
July 20, 2010 http://www.debian.org/security/faq
------------------------------------------------------------------------
Package : mlmmj
Vulnerability : insufficient input sanitising
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2009-4896
Florian Streibelt reported a a directory traversal flaw in the way the
Mailing List Managing Made Joyful mailing list manager processed
users' requests originating from the administrator web interface
without enough input validation. A remote, authenticated attacker could
use these flaws to write and / or delete arbitrary files.
------------------------------------------------------------------------
Debian Security Advisory DSA-2073-1 security@debian.org
http://www.debian.org/security/ Thijs Kinkhorst
July 20, 2010 http://www.debian.org/security/faq
------------------------------------------------------------------------
Package : mlmmj
Vulnerability : insufficient input sanitising
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2009-4896
Florian Streibelt reported a a directory traversal flaw in the way the
Mailing List Managing Made Joyful mailing list manager processed
users' requests originating from the administrator web interface
without enough input validation. A remote, authenticated attacker could
use these flaws to write and / or delete arbitrary files.