oss-sec mailing list archives
Re: [Ticket#2012111110000015] TYPO3-CORE-SA-2012-005: Several Vulnerabilities in TYPO3 Core
From: TYPO3 Security Team <security () typo3 org>
Date: Sun, 16 Jun 2013 13:46:05 +0200
Dear Kurt Seifried, Thank you for your request. I'm a bit embarrassed about our response time :( Very sorry for that. Things will vastly improve in the near future! 12/10/2012 22:40 - Kurt Seifried wrote:
Can the Typo3 security team please confirm the following:Component Type: TYPO3 Core Affected Versions: 4.5.0 up to 4.5.20, 4.6.0 up to 4.6.13, 4.7.0 upto 4.7.5 and development releases of the 6.0 branch.Vulnerability Types: SQL Injection, Cross-Site Scripting,Information Disclosure so no CVE's needed for this, this is simply a summary of the below issues?
True!
Vulnerable subcomponent: TYPO3 Backend History Module Vulnerability Type: SQL Injection, Cross-Site Scripting Solution: Update to the TYPO3 version 4.5.21, 4.6.14 or 4.7.6 thatfix the problem described!Credits: Credits go to Thomas Worm who discovered and reported theissue. Did he discover both the SQL Injection and the Cross-Site Scripting issues?
No, he only discovered the XSS. We discovered the SQLi while fixing the XSS.
Can you provide a link to the specific code fixes?
Here it is. https://review.typo3.org/16304
so 2 cve's needed correct?
Yes.
Vulnerable subcomponent: TYPO3 Backend History Module Vulnerability Type: Information DisclosureSolution: Update to the TYPO3 version 4.5.21, 4.6.14 or 4.7.6 that fix the problem described!Credits: Credits go to Core Team Member Oliver Hader who discoveredand fixed the issue. so one cve needed here? Can you provide a link to the specific code fixes?
Yes. It's also fixed in the same change: https://review.typo3.org/16304
Vulnerable subcomponent: TYPO3 Backend API Vulnerability Type: Cross-Site Scripting Solution: Update to the TYPO3 version 4.5.21, 4.6.14 or 4.7.6 thatfix the problem described!Credits: Credits go to Johannes Feustel who discovered and reportedthe issue. so one cve needed here? Can you provide a link to the specific code fixes?
Yes: https://review.typo3.org/16305
Vulnerability Type: Cross-Site Scripting Solution: Update to the TYPO3 version 4.5.21, 4.6.14 or 4.7.6 thatfix the problem described!Credits: Credits go to Richard Brain who discovered and reported theissue. so one cve needed here? Can you provide a link to the specific code fixes?
Yes: https://review.typo3.org/16300 Regards, Helmut Hummel Member of the TYPO3 Security Team -- TYPO3 Security Team homepage: http://typo3.org/teams/security/ E-Mail: security () typo3 org Please note: When replying to this e-mail, please leave the header intact.
Current thread:
- Re: [Ticket#2012111110000015] TYPO3-CORE-SA-2012-005: Several Vulnerabilities in TYPO3 Core TYPO3 Security Team (Jun 16)