Date: Wed, 21 Jul 2010 13:43:55 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security@...ts.openwall.com
Cc: lcars@...rt.org, coley <coley@...re.org>
Subject: Re: [oCERT-2010-002] Joomla input sanitization errors (XSS)
Please use CVE-2010-2535 for this.
Thanks.
--
JB
----- "Andrea Barisani" <lcars@...rt.org> wrote:
> #2010-002 Joomla input sanitization errors (XSS)
>
> Description:
>
> Joomla, an open source content management system, suffers from a cross-site scripting (XSS) vulnerability.
>
> Insufficient input sanitization on the parameters passed to pages related to administration settings leads to arbitrary JavaScript injection in the context of the user session; this could potentially be exploited to hijack the session of the Joomla administrator.
>
> Affected version:
>
> Joomla <= 1.5.19
>
> Fixed version:
>
> Joomla >= 1.5.20
>
> Credit: vulnerability report and PoC received from Mesut Timur <mesut [at] mavitunasecurity [dot] com>.
>
> CVE: N/A
>
> Timeline:
>
> 2010-06-01: vulnerability report received
> 2010-06-01: contacted Joomla Security Team
> 2010-07-15: Joomla advisory published
> 2010-07-20: oCERT advisory published
>
> References:
> http://developer.joomla.org/security/news/318-20100704-core-xss-vulnerabilitis-in-back-end.html
>
> Permalink:
> http://www.ocert.org/advisories/ocert-2010-002.html
>
> --
> Andrea Barisani | Founder & Project Coordinator
> oCERT | Open Source Computer Emergency Response Team
>
> <lcars@...rt.org> http://www.ocert.org
> 0x864C9B9E 0A76 074A 02CD E989 CE7F AC3F DA47 578E 864C 9B9E
> "Pluralitas non est ponenda sine necessitate"