Full Disclosure mailing list archives

Re: [SECURITY] [DSA 2611-1] movabletype-opensource security update


From: Kacper Nowak <KacperN () sec-1 com>
Date: Tue, 22 Jan 2013 13:33:25 +0000

Hello,

This is a duplicate of CVE-2012-6315 submitted by us in December 2012.

Kind regards,

--
Kacper Nowak
Penetration Tester

Sec-1 Ltd


-----Original Message-----
From: Yves-Alexis Perez [mailto:corsac () debian org] 
Sent: 22 January 2013 06:35
To: debian-security-announce () lists debian org
Subject: [Full-disclosure] [SECURITY] [DSA 2611-1] movabletype-opensource security update

-------------------------------------------------------------------------
Debian Security Advisory DSA-2611-1                   security () debian org
http://www.debian.org/security/                         Yves-Alexis Perez
January 22, 2013                       http://www.debian.org/security/faq
-------------------------------------------------------------------------

Package        : movabletype-opensource
Vulnerability  : several
Problem type   : remote
Debian-specific: no
CVE ID         : CVE-2013-0209
Debian Bug     : 697666

An input sanitization problem has been found in the upgrade functions of movabletype-opensource, a web-based publishing platform. Using carefully crafted requests to the mt-upgrade.cgi file, it would be possible to inject OS commands and SQL queries.

For the stable distribution (squeeze), this problem has been fixed in version 4.3.8+dfsg-0+squeeze3.

For the testing distribution (wheezy), this problem has been fixed in version 5.1.2+dfsg-1.

For the unstable distribution (sid), this problem has been fixed in version 5.1.2+dfsg-1.

We recommend that you upgrade your movabletype-opensource packages.

Further information about Debian Security Advisories, how to apply these updates to your system and frequently asked questions can be found at: http://www.debian.org/security/

Mailing list: debian-security-announce () lists debian org

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
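The fixed versions quoted in the DSA are Debian package versions, which sort by dpkg's rules rather than plain string order (a `~rc1` pre-release is older than the release, `squeeze10` is newer than `squeeze3`, an epoch outranks everything). The following is an added example, not Debian's or Sec-1's code: a Python port of that ordering used to check whether an installed movabletype-opensource version is at or above the DSA-2611-1 fix for its suite; `FIXED_VERSIONS`, `compare_versions` and `is_patched` are names chosen here.

```python
# Added example, not Debian's code: a Python port of the dpkg version ordering
# rules, checking an installed movabletype-opensource version against the fixed
# versions quoted in DSA-2611-1 (on Debian, `dpkg --compare-versions` does this).
import re
from itertools import zip_longest

FIXED_VERSIONS = {  # per-suite fixed versions from the advisory above
    "squeeze": "4.3.8+dfsg-0+squeeze3",
    "wheezy": "5.1.2+dfsg-1",
    "sid": "5.1.2+dfsg-1",
}

def _weight(c):
    # dpkg weight: '~' sorts before anything (even end of string, 0), letters by ASCII, other punctuation last
    if c == "~":
        return -1
    return ord(c) if c.isalpha() else ord(c) + 256

def _cmp_fragment(a, b):
    # Walk both fragments as alternating (non-digit run, digit run) pairs, as dpkg's verrevcmp() does
    runs_a = re.findall(r"(\D*)(\d*)", a)
    runs_b = re.findall(r"(\D*)(\d*)", b)
    for (sa, na), (sb, nb) in zip_longest(runs_a, runs_b, fillvalue=("", "")):
        for ca, cb in zip_longest(sa, sb):  # a missing character weighs 0
            wa, wb = (_weight(ca) if ca else 0), (_weight(cb) if cb else 0)
            if wa != wb:
                return wa - wb
        ia, ib = int(na or 0), int(nb or 0)  # numeric run: leading zeros ignored
        if ia != ib:
            return ia - ib
    return 0

def _split(v):
    # 'epoch:upstream-revision' -> parts; epoch defaults to 0, revision follows the LAST hyphen
    epoch, sep, rest = v.partition(":")
    if not sep:
        epoch, rest = "0", v
    upstream, sep, revision = rest.rpartition("-")
    return int(epoch), (upstream if sep else rest), (revision if sep else "")

def compare_versions(a, b):
    # -1, 0 or 1 as a is older than, equal to or newer than b: epoch, then upstream, then revision
    (ea, ua, ra), (eb, ub, rb) = _split(a), _split(b)
    c = (ea > eb) - (ea < eb) or _cmp_fragment(ua, ub) or _cmp_fragment(ra, rb)
    return (c > 0) - (c < 0)

def is_patched(suite, installed):
    # True when the installed version is at or above the DSA fix for that suite.
    return compare_versions(installed, FIXED_VERSIONS[suite]) >= 0
```

On a real host the installed version comes from `dpkg-query -W -f '${Version}' movabletype-opensource`; the suite is the one the package was built for, not necessarily the running release.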
