Date: Fri, 28 Feb 2003 12:04:54 -0500 (EST) From: Trish Lynch <trish@bsdunix.net> To: FreeBSD-gnats-submit@FreeBSD.org Cc: trish@bsdunix.net Subject: ports/48787: Ecartis port has security hole in LSG/2 Message-ID: <200302281704.h1SH4s0r051310@femme.sapphite.org>
next in thread | raw e-mail | index | archive | help
>Number: 48787 >Category: ports >Synopsis: Ecartis port has security hole in LSG/2 >Confidential: no >Severity: critical >Priority: high >Responsible: freebsd-ports-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: maintainer-update >Submitter-Id: current-users >Arrival-Date: Fri Feb 28 09:10:06 PST 2003 >Closed-Date: >Last-Modified: >Originator: Trish Lynch >Release: FreeBSD 5.0-RELEASE i386 >Organization: Ecartis core team >Environment: System: FreeBSD femme.sapphite.org 5.0-RELEASE FreeBSD 5.0-RELEASE #28: Sat Jan 18 07:40:42 EST 2003 root@femme.sapphite.org:/admins/obj/admins/src/sys/FEMME i386 >Description: Ecartis LSG/2 Web management interface allowed any user to change another's password via careful manipulation of HTML code and POST >How-To-Repeat: >Fix: Please update the port with the patch @ http://bsdunix.net/ports/ecartis-port-snap20030227.patch >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-ports-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200302281704.h1SH4s0r051310>