[VIM] Plans security question (fwd)
jericho at attrition.org
Thu Jun 30 06:16:21 EDT 2005
---------- Forwarded message ----------
From: security curmudgeon <jericho at attrition.org>
To: daltonlp at gmail.com
Date: Thu, 30 Jun 2005 06:15:31 -0400 (EDT)
Subject: Plans security question
I saw the news entry dated Apr 30, 2005 for the SQL bug that could disclose the
mySQL password. Updating to 6.7.1 fixes this.
I also saw Secunia released information regarding an SQL injection attack in
plans.cgi (http://secunia.com/advisories/15854/) on Jun 29, 2005. Their note
says upgrading to 6.7.2 fixes this bug.
I did not see mention of the plans.cgi SQL injection on your news site and was
wondering if these really refer to the same vulnerability, or if this is two
Thanks for any clarification!
More information about the VIM