Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date: Sat, 16 Jun 2012 19:38:50 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Hanno Böck <hanno@...eck.de>
Subject: Re: CVE request: phplist before 2.10.18 XSS and sql
 injection

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 06/15/2012 09:19 PM, Hanno Bck wrote:
> http://www.exploit-db.com/exploits/18639/
> 
> cite from there: "Desc: Input passed via the parameter 'sortby' is
> not properly sanitised before being returned to the user or used in
> SQL queries. This can be exploited to manipulate SQL queries by
> injecting arbitrary SQL code. The param 'num' is vulnerable to a
> XSS issue where the attacker can execute arbitrary HTML and script
> code in a user's browser session in context of an affected site."

Please use CVE-2012-2740 for this issue.

> Upstreams release notes for 2.10.18: 
> http://www.phplist.com/?lid=567 mentions: "This version fixes a few
> small bugs and a security issue that was found. The security issues
> fixed require the administrator to be logged in. Therefore the
> vulnerability can be classified as "intermediate". There's no
> immediate danger of the vulnerabilities to be exploited remotely."

Please use CVE-2012-2741 for this issue.

- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org/

iQIcBAEBAgAGBQJP3TUqAAoJEBYNRVNeJnmTVVcQAKZF3tiBYRW9a0NoT6OXCFDk
NR8KJJyW9zCKfebdPgTOa0uIG4KvpFUsV+3RmFYq2I8F7yQyIRKV1ppQ6HaDptX+
kSH6jlnW7Zv+Nbyvn6DhuE3T+RbqJLU7OGwexRF/DcQyNMgfK/xILNh+yeXBe8+C
HJrGB5exSBTqGizNV9KtwUqgOmm27Qh3fZCI/Xn78NdE6l/PyObVNRtNT4G+5b3R
Av+zp/nxyOwM72RLfGRbsFguWyYDHLBYEYiBAhIXVudPYGmE/Zq+vkFA5adOEluh
HiTcX3JUPBxHsyztZVWXnR99ZUWvs8umfwDFNfn7HtMB63Ihev51tO43iBFiDWXR
55CcedMtFzEYTYDXV52SDUlMP5hUChsxTFm+V4ySoLSNHo+ciUKi429W57C+2KEQ
t1cMIQeOaSuGfvlTRcmc9xr5AvsJY/pCYLl2EiYB3fI+e23kdVMsMl8OvCABxehH
P5xcWkjAzk/uqa0h4/v+8p/UN0CXrV+j1lVug11dAPeKk+1sx7syzhGOAc2m0dG9
OEQlnqByVELXinNhtp8xUtwPXowOOpwS2WmFMntePk5ArKjSn+oyFtHrO7Nz569d
KLkdU9BXlf3MahPAFryOtwFepWhn5A1nsS4tj1GPCbRipcPlXftx0cVuPVRStLym
gX40DcGMNqZ0ElJdYIV9
=JVAs
-----END PGP SIGNATURE-----

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ