oss-sec mailing list archives
Re: Re: CVE request: LetoDMS, more issues
From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 31 Oct 2012 09:31:13 -0600
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 10/30/2012 01:28 PM, Raphael Geissert wrote:
On Friday 05 October 2012 23:11:36 Raphael Geissert wrote:Hi, Some more issues were fixed in LetoDMS... * Fixed in 3.3.8 Multiple XSS: http://mydms.svn.sourceforge.net/viewvc/mydms/branches/letoDMS-3.3.x/inc/
inc.ClassUI.php?r1=930&r2=929&pathrev=930
http://mydms.svn.sourceforge.net/viewvc/mydms/branches/letoDMS-3.3.x/out
/out.DocumentNotify.php?r1=934&r2=933&pathrev=934 (and a few others
scattered in multiple other commits)
Please use CVE-2012-4567 for this issue.
Missing CSRF protection (all part of the same thing): http://mydms.svn.sourceforge.net/viewvc/mydms?view=revision&revision=927
http://mydms.svn.sourceforge.net/viewvc/mydms?view=revision&revision=915
http://mydms.svn.sourceforge.net/viewvc/mydms?view=revision&revision=914
http://mydms.svn.sourceforge.net/viewvc/mydms?view=revision&revision=907
(and possibly some others...)
Please use CVE-2012-4568 for this issue.
* Fixed in 3.3.9 Multiple XSS in out/out.UsrMgr.php: http://mydms.svn.sourceforge.net/viewvc/mydms/branches/letoDMS-3.3.x/out/
out.UsrMgr.php?r1=979&r2=978&pathrev=979 Please use CVE-2012-4569 for this issue.
Regression in the above patch (fixed after the release of 3.3.9): http://mydms.svn.sourceforge.net/viewvc/mydms/branches/letoDMS-3.3.x/out
/out.UsrMgr.php?r1=982&r2=981&pathrev=982 Does this regression cause a security issue (e.g. did accidentally putting htmlspecialchars() in actually cause a new XSS?).
LetoDMS Core: * Fixed in 3.3.8: SQL injection: http://mydms.svn.sourceforge.net/viewvc/mydms/branches/letoDMS-3.3.x/Leto
DMS_Core/Core/inc.ClassDMS.php?r1=929&r2=928&pathrev=929 Please use CVE-2012-4570 for this issue.
Could CVE ids be assigned please? Thanks,
- -- Kurt Seifried Red Hat Security Response Team (SRT) PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993 -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.12 (GNU/Linux) iQIcBAEBAgAGBQJQkURBAAoJEBYNRVNeJnmTIcsP/jb1jrtqPGyer9NxAc9sbdKD 8ArAoQRqR70ufE+U73MKAqcWfCxOtTPVP5FuUCx0VG9+0CXW3alrZcwHReGHlLGA 281ZQco4UrztL7soSVtddkbgC8dbUwcN+RPJtg+egct+LvLY1jRXp3MCD5sHyR1k 7rEpdOe0m+vM93SgnTzQrYam5hhsRSExbYaYjHQD9JgPQY/VMkXFJj8T/hae0auH nhriitXO3y+W9LqWxft2q8D5MSuSa7xu/X8qu+CZhWt7ekj5z+GU2kPHHpjosG+8 gO5QB+Ca8TtkobiJT/EuqRWPm+VatpRwjXCzMZRuhkpWuB10dpouqrB2mbw8qXMH CAiKcNKqx9uT8KY51VR1mDPWFCuM7uOsGmtnx4nmlrGLphZLVAhLHprQi1kpjozJ b3qP9OxgY+Of7dKGC2zHY2XuA0jithyLq0XMQ6fzw/2fMV8zc88JTpbxzxcmE8Lv ZWpHNZcXwwA6KHxHLCTDXCveGR6u44SaH6hFtCqh1Kg7hqYh3iUvyPrBIDbelv/S VnJvNrJQHJJvn65GIKwrLWEi8+Fc33IslR5qEZjYkJD73/W0fA3Jh0wnLTNTJlA7 qTkUT0BkYp6A/o7G0Ljyo7ocM8LFVmfjERhlvn8sY0Iyy8X8JpI3xl58J+ReFOka UWJT2ypkJuEY8kag5cGM =Z9ZU -----END PGP SIGNATURE-----
Current thread:
- CVE request: LetoDMS, more issues Raphael Geissert (Oct 05)
- Re: CVE request: LetoDMS, more issues Raphael Geissert (Oct 30)
- Re: Re: CVE request: LetoDMS, more issues Kurt Seifried (Oct 31)
- Re: Re: CVE request: LetoDMS, more issues Raphael Geissert (Oct 31)
- Re: Re: CVE request: LetoDMS, more issues Kurt Seifried (Oct 31)
- Re: CVE request: LetoDMS, more issues Raphael Geissert (Oct 30)