Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Date: Mon, 30 Dec 2013 02:19:55 +0200
From: Henri Salo <henri@...v.fi>
To: oss-security@...ts.openwall.com
Cc: Jakob Lell <jakob@...oblell.com>
Subject: CVE request: SMF 1.1.19, 2.0.6

Can I get two CVEs for following SMF issues, thanks.

Advisory:
http://www.jakoblell.com/blog/2013/12/13/multiple-vulnerabilities-in-smf-forum-software/
http://seclists.org/fulldisclosure/2013/Dec/83

http://osvdb.org/101004 "Unspecified Clickjacking Arbitrary Code Execution"
http://osvdb.org/101005 "Unicode Homoglyph Username Spoofing Weakness"

Fixed in 1.1.19 and 2.0.6 versions.
Credit: Jakob Lell

Changelog:

"""
October 2013
-------------------------------------------------------------------------------
 ! Added some headers to help protect against clickjacking (thanks Jakob Lell for the report)
 ! Invalid avatars were not always properly cleaned up (thanks chaoztc for the report)
 ! Added protection against usernames being impersonated with Unicode space characters (thanks Jakob Lell for the report)
 ! Sessions weren't always cleaned up properly on logout (thanks creepernex for the report)
 ! Certain fields were accepted during registration even when they shouldn't be (thanks tomreyn for the report)
 ! Certain errors were unnecessarily shown during a failed registration and some of those were inappropriate anyway (thanks Labradoodle-360 for the report)
 ! Approving an account from a member's profile was not logged (thanks emanuele for the report)
 ! Approving an account from a member's profile did not always properly enforce security rules (thanks emanuele for the report)
 ! The PHPSESSID injector would also add it to the canonical link, breaking it (thanks to all who reported it)
 ! An invalid character was indicated in legacy attachment handling
 ! Under some circumstances the admin panel would not accept the number of verification questions you had entered (thanks BurkeKnight for the report)
 ! The help pages could sometimes accidentally direct users to non-existing pages (thanks AngelinaBelle for the report and Illori for the fix)
"""

Changes:

http://custom.simplemachines.org/upgrades/index.php?action=upgrade;file=smf_patch_1.1.19_2.0.6.tar.gz;smf_version=2.0.5

---
Henri Salo

[ CONTENT OF TYPE application/pgp-signature SKIPPED ]

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ