Home page logo
/

oss-sec logo oss-sec mailing list archives

Re: Re: CVE request: LetoDMS, more issues
From: Kurt Seifried <kseifried () redhat com>
Date: Wed, 31 Oct 2012 09:31:13 -0600

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 10/30/2012 01:28 PM, Raphael Geissert wrote:
On Friday 05 October 2012 23:11:36 Raphael Geissert wrote:
Hi,

Some more issues were fixed in LetoDMS...

* Fixed in 3.3.8 Multiple XSS: 
http://mydms.svn.sourceforge.net/viewvc/mydms/branches/letoDMS-3.3.x/inc/


inc.ClassUI.php?r1=930&r2=929&pathrev=930
http://mydms.svn.sourceforge.net/viewvc/mydms/branches/letoDMS-3.3.x/out


/out.DocumentNotify.php?r1=934&r2=933&pathrev=934 (and a few others
scattered in multiple other commits)

Please use CVE-2012-4567 for this issue.

Missing CSRF protection (all part of the same thing): 
http://mydms.svn.sourceforge.net/viewvc/mydms?view=revision&revision=927


http://mydms.svn.sourceforge.net/viewvc/mydms?view=revision&revision=915
http://mydms.svn.sourceforge.net/viewvc/mydms?view=revision&revision=914


http://mydms.svn.sourceforge.net/viewvc/mydms?view=revision&revision=907
(and possibly some others...)

Please use CVE-2012-4568 for this issue.

* Fixed in 3.3.9 Multiple XSS in out/out.UsrMgr.php: 
http://mydms.svn.sourceforge.net/viewvc/mydms/branches/letoDMS-3.3.x/out/


out.UsrMgr.php?r1=979&r2=978&pathrev=979

Please use CVE-2012-4569 for this issue.

Regression in the above patch (fixed after the release of
3.3.9): 
http://mydms.svn.sourceforge.net/viewvc/mydms/branches/letoDMS-3.3.x/out


/out.UsrMgr.php?r1=982&r2=981&pathrev=982

Does this regression cause a security issue (e.g. did accidentally
putting htmlspecialchars() in actually cause a new XSS?).

LetoDMS Core: * Fixed in 3.3.8: SQL injection: 
http://mydms.svn.sourceforge.net/viewvc/mydms/branches/letoDMS-3.3.x/Leto


DMS_Core/Core/inc.ClassDMS.php?r1=929&r2=928&pathrev=929

Please use CVE-2012-4570 for this issue.

Could CVE ids be assigned please?

Thanks,



- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQIcBAEBAgAGBQJQkURBAAoJEBYNRVNeJnmTIcsP/jb1jrtqPGyer9NxAc9sbdKD
8ArAoQRqR70ufE+U73MKAqcWfCxOtTPVP5FuUCx0VG9+0CXW3alrZcwHReGHlLGA
281ZQco4UrztL7soSVtddkbgC8dbUwcN+RPJtg+egct+LvLY1jRXp3MCD5sHyR1k
7rEpdOe0m+vM93SgnTzQrYam5hhsRSExbYaYjHQD9JgPQY/VMkXFJj8T/hae0auH
nhriitXO3y+W9LqWxft2q8D5MSuSa7xu/X8qu+CZhWt7ekj5z+GU2kPHHpjosG+8
gO5QB+Ca8TtkobiJT/EuqRWPm+VatpRwjXCzMZRuhkpWuB10dpouqrB2mbw8qXMH
CAiKcNKqx9uT8KY51VR1mDPWFCuM7uOsGmtnx4nmlrGLphZLVAhLHprQi1kpjozJ
b3qP9OxgY+Of7dKGC2zHY2XuA0jithyLq0XMQ6fzw/2fMV8zc88JTpbxzxcmE8Lv
ZWpHNZcXwwA6KHxHLCTDXCveGR6u44SaH6hFtCqh1Kg7hqYh3iUvyPrBIDbelv/S
VnJvNrJQHJJvn65GIKwrLWEi8+Fc33IslR5qEZjYkJD73/W0fA3Jh0wnLTNTJlA7
qTkUT0BkYp6A/o7G0Ljyo7ocM8LFVmfjERhlvn8sY0Iyy8X8JpI3xl58J+ReFOka
UWJT2ypkJuEY8kag5cGM
=Z9ZU
-----END PGP SIGNATURE-----


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]