[geeklog-devel] Geeklog in osvdb.org
Dirk Haun
dirk at haun-online.de
Fri Apr 2 13:15:30 EST 2004
A new site, called the open source vulnerability database, has been launched:
http://www.osvdb.org/
Even though it's a (relatively) new site, they also list old
vulnerabilities. Not surprisingly, it also has information on 12 issues
with Geeklog:
http://www.osvdb.org/searchdb.php?
action=search_title&vuln_title=geeklog&Search=Search
Some of the entries don't list any details yet, since they are "lacking
proper or complete infomation, and is in queue for processing by either a
Data Mangler or Moderator."
Others do list details. However, they also contain incorrect information.
E.g. <http://www.osvdb.org/displayvuln.php?osvdb_id=3273> refers to the
file management plugin, and recommends " Upgrade to version 1.3.8-1sr3 or
higher, as it has been reported to fix this vulnerability." which is of
course not correct.
Another example: <http://www.osvdb.org/displayvuln.php?osvdb_id=2253>
refers to problems that were found in the forum.
*sigh* I guess I have to work my way through those and send in corrections.
I'll CC: the list when I do that (which may take a while ...).
bye, Dirk
--
http://www.haun-online.de/
http://mypod.de/
More information about the geeklog-devel
mailing list