Opened 10 years ago

Closed 10 years ago

Last modified 10 years ago

#2225 closed defect (fixed)

Security issues

Reported by: Lambertus Owned by: osm@…
Priority: major Milestone:
Component: yours Version:
Keywords: security DoS proxy command injection Cc:

Description

Mattijs Laan reported three security issues (all serverside).

  • Possible DoS vulnerability in killall.php
  • Open proxy in transport.php
  • Command injection in the routing API (gosmore.php)

Change History (3)

comment:1 Changed 10 years ago by lambertus

(In [17289]) Fix security issues (Refs #2225)

comment:2 Changed 10 years ago by Lambertus

Resolution: fixed
Status: newclosed

comment:3 Changed 10 years ago by lambertus

(In [17302]) Fix typo (Refs #2225)

Note: See TracTickets for help on using tickets.