[VIM] op5 Monitor Unspecified Session Hijacking Vulnerability
George Theall
gtheall at tenable.com
Mon Jan 6 13:30:21 CST 2014
On Jan 6, 2014, at 1:06 PM, Dinesh Theerthagiri <Dinesh_Theerthagiri at symantec.com> wrote:
> Hi George,
>
> I checked all the 3 BIDs 51212, 64606 and 64608 and we didn't find anything duplicate in those.
>
> BID 51212 is covering CVE-2012-0261 and CVE-2012-0262
> BID 64608 is covering CVE-2012-0263
> BID 64606 is covering CVE-2012-0264
Ack, my bad. Sorry,
>
> Thanks,
> T.Dinesh
>
>
> -----Original Message-----
> From: vim-bounces at attrition.org [mailto:vim-bounces at attrition.org] On Behalf Of George Theall
> Sent: Friday, January 03, 2014 7:58 AM
> To: Vulnerability Information Managers
> Subject: [VIM] op5 Monitor Unspecified Session Hijacking Vulnerability
>
> I see that SecurityFocus created two BIDs today for vulnerabilities reported in January 2012 - 64606 and 64608. The first of those references CVE-2012-0264 and would appear to be covered already by BID 51212, which currently references both that CVE as well as CVE-2012-0261.
>
> Dinesh / Narayan / Venkat / Rob : is the intention here ultimately to split the earlier BID and move the session hijacking into its own BID or was this just an oversight?
>
> George
> --
> theall at tenable.com
>
George
--
theall at tenable.com
More information about the VIM
mailing list