[VIM] Plans security question (fwd)

security curmudgeon jericho at attrition.org
Thu Jun 30 06:16:21 EDT 2005

---------- Forwarded message ----------
From: security curmudgeon <jericho at attrition.org>
To: daltonlp at gmail.com
Date: Thu, 30 Jun 2005 06:15:31 -0400 (EDT)
Subject: Plans security question


I saw the news entry dated Apr 30, 2005 for the SQL bug that could disclose the 
mySQL password. Updating to 6.7.1 fixes this.

I also saw Secunia released information regarding an SQL injection attack in 
plans.cgi (http://secunia.com/advisories/15854/) on Jun 29, 2005. Their note 
says upgrading to 6.7.2 fixes this bug.

I did not see mention of the plans.cgi SQL injection on your news site and was 
wondering if these really refer to the same vulnerability, or if this is two 
seperate issues?

Thanks for any clarification!


More information about the VIM mailing list