From jericho at attrition.org Sun Jan 6 21:59:23 2013 From: jericho at attrition.org (security curmudgeon) Date: Sun, 6 Jan 2013 21:59:23 -0600 (CST) Subject: [VIM] BID 5408 & 5927 dupes? Message-ID: Between the references for each, appear that these are possible dupes. From jericho at attrition.org Mon Jan 7 13:44:36 2013 From: jericho at attrition.org (security curmudgeon) Date: Mon, 7 Jan 2013 13:44:36 -0600 (CST) Subject: [VIM] ZDI duplicate CVE assignment between 2 advisories? Message-ID: While ensuring we have a complete mapping to ZDI advisories, ran across two that have the same CVE identifier, yet were released months apart: http://www.zerodayinitiative.com/advisories/ZDI-11-311/ http://www.zerodayinitiative.com/advisories/ZDI-12-136/ Based on the details available, they seem to be different issues that should not share the same CVE identifier. ZDI-12-136 does not indicate when it was fixed exactly, instead referencing the default Apple security update page. Are these truly the same issue, or was there an incorrect CVE assignment? Thanks, jericho From theall at tenable.com Mon Jan 14 14:59:29 2013 From: theall at tenable.com (George A. Theall) Date: Mon, 14 Jan 2013 15:59:29 -0500 Subject: [VIM] BackupPC 'RestoreFile.pm' Cross Site Scripting Vulnerability Message-ID: The newly created BID 57301 appears to be a dup of BID 47628 -- the newer BID references CVE-2011-5081, which in turn references High-Tech Bridge's HTB22965, same as the earlier BID. Rob / Venkat? can you confirm? George -- theall at tenable.com From theall at tenable.com Wed Jan 16 06:43:10 2013 From: theall at tenable.com (George A. Theall) Date: Wed, 16 Jan 2013 07:43:10 -0500 Subject: [VIM] PHPShop CMS Multiple SQL Injection Vulnerabilities Message-ID: <90C3E391-F2D9-43FB-8CEB-C157C2662FA8@tenable.com> BID 57320 was created yesterday for the SQL injections reported in EDB-ID 24108: http://localhost/phpshop 2.0/?page=admin/function_list&module_id=11' union select 1,database(),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1 -- http://localhost/phpshop 2.0/?page=shop/flypage&product_id=1087'/**/union/**/select/**/1,1,1,1,1,password,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,username/**/from/**/auth_user_md5-- These are among the issues reported in http://archives.neohapsis.com/archives/bugtraq/2009-12/0099.html and covered already by BID 37227 And the shop/flypage one was also reported earlier in http://archives.neohapsis.com/archives/bugtraq/2008-02/0014.html and is covered by BID 27570 Rob / Venkat? George -- theall at tenable.com From Narayan_Agarwalla at symantec.com Wed Jan 16 09:41:01 2013 From: Narayan_Agarwalla at symantec.com (Narayan Agarwalla) Date: Wed, 16 Jan 2013 07:41:01 -0800 Subject: [VIM] BackupPC 'RestoreFile.pm' Cross Site Scripting Vulnerability In-Reply-To: References: Message-ID: <96CC6D276D1CC043905F0666B28DA2CB2A9FE7773B@APJ1XCHEVSPIN30.SYMC.SYMANTEC.COM> Hi George, Thanks for the mail and we have updated our records. Retired BID: 57301 as a duplicate to 47628. Regards, Narayan -----Original Message----- From: vim-bounces at attrition.org [mailto:vim-bounces at attrition.org] On Behalf Of George A. Theall Sent: Tuesday, January 15, 2013 2:29 AM To: Vulnerability Information Managers Subject: [VIM] BackupPC 'RestoreFile.pm' Cross Site Scripting Vulnerability The newly created BID 57301 appears to be a dup of BID 47628 -- the newer BID references CVE-2011-5081, which in turn references High-Tech Bridge's HTB22965, same as the earlier BID. Rob / Venkat... can you confirm? George -- theall at tenable.com From Narayan_Agarwalla at symantec.com Wed Jan 16 11:59:49 2013 From: Narayan_Agarwalla at symantec.com (Narayan Agarwalla) Date: Wed, 16 Jan 2013 09:59:49 -0800 Subject: [VIM] PHPShop CMS Multiple SQL Injection Vulnerabilities In-Reply-To: <90C3E391-F2D9-43FB-8CEB-C157C2662FA8@tenable.com> References: <90C3E391-F2D9-43FB-8CEB-C157C2662FA8@tenable.com> Message-ID: <96CC6D276D1CC043905F0666B28DA2CB2A9FE777D2@APJ1XCHEVSPIN30.SYMC.SYMANTEC.COM> Hi George, BID 37227: Information regarding 'product_id' and 'module_id' parameters moved to BID 27570 and BID 57320. BID 27570: phpshop 2.0 added as vulnerable BID 57320: Information regarding 'product_id' moved to BID 27570 Thanks and Regards, Narayan -----Original Message----- From: vim-bounces at attrition.org [mailto:vim-bounces at attrition.org] On Behalf Of George A. Theall Sent: Wednesday, January 16, 2013 6:13 PM To: Vulnerability Information Managers Subject: [VIM] PHPShop CMS Multiple SQL Injection Vulnerabilities BID 57320 was created yesterday for the SQL injections reported in EDB-ID 24108: http://localhost/phpshop 2.0/?page=admin/function_list&module_id=11' union select 1,database(),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1 -- http://localhost/phpshop 2.0/?page=shop/flypage&product_id=1087'/**/union/**/select/**/1,1,1,1,1,password,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,username/**/from/**/auth_user_md5-- These are among the issues reported in http://archives.neohapsis.com/archives/bugtraq/2009-12/0099.html and covered already by BID 37227 And the shop/flypage one was also reported earlier in http://archives.neohapsis.com/archives/bugtraq/2008-02/0014.html and is covered by BID 27570 Rob / Venkat? George -- theall at tenable.com