CVE-2008-4796: missing input sanitising
Bug #292923 reported by
François Marier
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
Debian |
Fix Released
|
Unknown
|
|||
libphp-snoopy (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Hardy |
Fix Released
|
Undecided
|
Kees Cook | ||
Intrepid |
Fix Released
|
Undecided
|
Marc Deslauriers |
Bug Description
Binary package hint: libphp-snoopy
CVE-2008-4796[0]:
| The _httpsrequest function (Snoopy/
| and earlier allows remote attackers to execute arbitrary commands via
| shell metacharacters in https URLs. NOTE: some of these details are
| obtained from third party information.
CVE References
Changed in libphp-snoopy: | |
status: | New → Confirmed |
Changed in libphp-snoopy: | |
assignee: | vincenzo-ampolo → nobody |
status: | In Progress → Fix Released |
assignee: | nobody → vincenzo-ampolo |
status: | New → In Progress |
Changed in libphp-snoopy: | |
status: | New → Confirmed |
Changed in libphp-snoopy: | |
assignee: | vincenzo-ampolo → nobody |
status: | In Progress → Triaged |
Changed in libphp-snoopy: | |
status: | Triaged → In Progress |
Changed in debian: | |
status: | Unknown → Fix Released |
To post a comment you must log in.
Trying to setup a Security update to version 1.2.4