[VIM] re Drupal Preview Comments Remote Code Execution Vulnerability (fwd)

rkeith at securityfocus.com rkeith at securityfocus.com
Thu Feb 15 15:55:19 EST 2007


Quite right, an error on our part. The respective BIDs are being 
corrected. Thanks for the heads up George.

The files are also being updated, thanks str0ke.

--
Rob Keith
Symantec


---------- Forwarded message ----------
Date: Thu, 15 Feb 2007 14:56:47 -0600
From: str0ke <str0ke at milw0rm.com>
Reply-To: Vulnerability Information Managers <vim at attrition.org>
To: Vulnerability Information Managers <vim at attrition.org>
Subject: Re: [VIM] Drupal Preview Comments Remote Code Execution 
Vulnerability

Hopefully they will also update the files with the latest version
aswell, since the current version on the webpage doesn't work
correctly.

/str0ke

On 2/15/07, George A. Theall <theall at tenablesecurity.com> wrote:
> Sigh, looks like Security Focus just created BID 22579 for the Drupal
> exploits str0ke just wrote for the flaws already covered by BID 22306.
>
> George
> --
> theall at tenablesecurity.com
>



More information about the VIM mailing list