[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include

To: Gadi Evron <ge@xxxxxxxxxxxx>
Subject: Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include
From: Stefano Zanero <s.zanero@xxxxxxxxxxxxxxxx>
Date: Mon, 29 Jan 2007 20:46:53 +0100

Gadi Evron wrote:
> How can we all automate the testing process for fake vulns in and list
> them as such without overburdening OSVDB, CVE, Milworm and SecuriTeam?

I suggest to ask for a pointer to the single source file where the
vulnerability exists, a pointer to the archive of the correct version of
the application, and a clear description of the vuln, or otherwise
reject the posting altogether.

This would at least add a filter... and make our life easier when
cross-checking.

Stefano

References:
- Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include
  - From: Gadi Evron

Prev by Date: Arbitrary Code Execution in SQL-Ledger and LedgerSMB through redirects
Next by Date: [ GLSA 200701-25 ] X.Org X server: Multiple vulnerabilities
Previous by thread: Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include
Next by thread: Re: local Calendar System v1.1 (lcStdLib.inc) Remote File Include
Index(es):
- Date
- Thread