[VIM] Re: A few more apps vulnerable to PHP XML-RPC exploits (fwd)
security curmudgeon
jericho at attrition.org
Fri Jul 8 08:40:59 EDT 2005
---------- Forwarded message ----------
From: security curmudgeon <jericho at attrition.org>
To: GulfTech Security Research <security at gulftech.org>
Cc: OSVDB <moderators at osvdb.org>
Date: Fri, 8 Jul 2005 07:39:59 -0400 (EDT)
Subject: [OSVDB Mods] Re: A few more apps vulnerable to PHP XML-RPC exploits
Hey James,
I haven't had time to dig into the details of this, but the amount of
applications vulnerable due to this flaw is pretty amazing.
Based on your extensive research, how do you see these vulnerabilities as
they relate to each other? Is this truly a single vulnerability affecting
many products because they use the same vulnerable code? Or are these
slightly different because each product implements the routines
differently?
We're still debating on whether this gets one entry in OSVDB, or gets
broken out (like CVE appears to be doing).
Thanks for any insight!
Brian
OSVDB.org
More information about the VIM
mailing list