oss-sec mailing list archives
Re: CVE request: PostfixAdmin SQL injections and XSS
From: Christian Boltz <oss-securrity () cboltz de>
Date: Thu, 26 Jan 2012 18:55:11 +0100
Hello,

On Thursday, 26 January 2012, Kurt Seifried wrote:

> On 01/26/2012 04:07 AM, Christian Boltz wrote:
>> we (the upstream PostfixAdmin developers) received a report about SQL
>> injections and XSS in PostfixAdmin. Please assign a CVE number to those
>> issues.
>>
>> The issues are fixed in PostfixAdmin 2.3.5, which I'll release today or
>> tomorrow.
>>
>> For reference, here's the changelog with all details:
>>
>> - fix SQL injection in pacrypt() (if $CONF[encrypt] == 'mysql_encrypt')
>> - fix SQL injection in backup.php - the dump was not mysql_escape()d,
>>   therefore users could inject SQL (for example in the vacation message)
>>   which will be executed when restoring the database dump.
>>   WARNING: database dumps created with backup.php from 2.3.4 or older
>>   might contain malicious SQL. Double-check before using them!
>> - fix XSS with $_GET[domain] in templates/menu.php and edit-vacation
>> - fix XSS in some create-domain input fields
>> - fix XSS in create-alias and edit-alias error message
>> - fix XSS (by values stored in the database) in fetchmail list view,
>>   list-domain and list-virtual
>> - create-domain: fix SQL injection (only exploitable by superadmins)
>> - add missing $LANG['pAdminDelete_admin_error']
>> - don't mark mailbox targets with recipient delimiter as "forward only"
>> - wrap hex2bin with function_exists() - PHP 5.3.8 has it as native
>>   function
>
> So basically we have two sets of vulnerabilities: multiple SQL
> injections and multiple XSS vulnerabilities, correct?

Yes, correct.

(For completeness: the last 3 items ($LANG, the "forward only" marker and
the hex2bin change) are non-security fixes.)

Regards,

Christian Boltz
--
/etc/sysconfig/powersave/cpufreq contains the line:
# the next lover CPU frequency. Increasing this value lowers the
                 ^^^^^ we should keep that one ;)
[Michael Gross in https://bugzilla.novell.com/show_bug.cgi?id=183704]
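The backup.php item in the changelog describes a dump written without escaping, so a stored value such as a vacation message becomes live SQL when the dump is restored. As an added example (not PostfixAdmin's code, written in Python rather than PHP), the block below pairs a dump writer that escapes each value for the target dialect with the pre-fix pattern, then replays both into a scratch SQLite database to show that only the escaped form restores cleanly; the table, row and message text are constructed, and the SQLite replay stands in for the MySQL restore the post refers to.

```python
import sqlite3

# Constructed sample row: a vacation message containing an apostrophe and a
# backslash, the kind of user-controlled value backup.php wrote unescaped.
VACATION_ROW = {"email": "alice@example.com", "subject": "Out of office",
                "body": "I'm away until Monday; mail C:\\Users\\alice instead."}

def sql_literal(value, dialect="mysql"):
    """Quote a value as an SQL string literal for a dump file.

    MySQL treats backslash as an escape character (unless the server runs
    with NO_BACKSLASH_ESCAPES), so both backslash and quote are escaped.
    Standard SQL / SQLite only doubles the quote and takes backslash literally.
    """
    if value is None:
        return "NULL"
    text = str(value)
    if dialect == "mysql":
        text = text.replace("\\", "\\\\").replace("'", "\\'")
    else:
        text = text.replace("'", "''")
    return f"'{text}'"

def dump_insert(table, row, dialect="mysql"):
    """Serialise one row as an INSERT with every value escaped.
    Table and column names come from the schema, not from users."""
    cols = ", ".join(row)
    vals = ", ".join(sql_literal(v, dialect) for v in row.values())
    return f"INSERT INTO {table} ({cols}) VALUES ({vals});"

def dump_insert_unescaped(table, row):
    """The pre-2.3.5 pattern: values interpolated verbatim into the dump."""
    cols = ", ".join(row)
    vals = ", ".join(f"'{v}'" for v in row.values())
    return f"INSERT INTO {table} ({cols}) VALUES ({vals});"

def restore_roundtrip(statement):
    """Replay one dump line into an in-memory SQLite database and return the
    body read back, or None when the dump line does not even parse."""
    con = sqlite3.connect(":memory:")
    con.execute("CREATE TABLE vacation (email TEXT, subject TEXT, body TEXT)")
    try:
        con.executescript(statement)
    except sqlite3.OperationalError:
        return None
    return con.execute("SELECT body FROM vacation").fetchone()[0]

if __name__ == "__main__":
    print(restore_roundtrip(dump_insert("vacation", VACATION_ROW, "sqlite")))
    print(restore_roundtrip(dump_insert_unescaped("vacation", VACATION_ROW)))
```

Running the escaped dump through the restore returns the original message unchanged; the unescaped dump line breaks at the apostrophe and fails to parse, which is the same boundary a hostile value crosses when it is executed as SQL.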