[VulnWatch] MyNewsGroups :) XSS patch
From: Ulf Harnhammar (ulfh@update.uu.se)Date: 09/30/02
- Previous message: Stefan Esser: "[VulnWatch] Advisory 03/2002: Fetchmail remote vulnerabilities"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Date: Mon, 30 Sep 2002 01:05:39 +0200 (CEST) From: Ulf Harnhammar <ulfh@update.uu.se> To: bugtraq@securityfocus.com
MyNewsGroups :) XSS patch
PROGRAM: MyNewsGroups :)
VENDOR: Carlos Sanchez Valle et al.
HOMEPAGE: http://mynewsgroups.sourceforge.net/
VULNERABLE VERSIONS: 0.4, 0.4.1, possibly others
IMMUNE VERSIONS: 0.4.1 with my patch applied
SEVERITY: high
LOGIN REQUIRED: no
DESCRIPTION:
"MyNewsGroups :) is a USENET news client with a completely Web-based
interface. It is written in PHP4, and it uses a MySQL database
backend, which allows useful tools such as search engines, SPAM
filters, subscriptions, and stats to be implemented. The interface
of MyNewsGroups :) is very easy to use."
(direct quote from the program's project page at Freshmeat)
The program is published under the terms of the GNU General Public
License.
SUMMARY:
MyNewsGroups :) has got several cross-site scripting holes that are
triggered when displaying the Subject headers of newsgroup messages.
By posting a malicious newsgroup message, an attacker can take over
many MyNewsGroups :) users' accounts. The same attacker can also
trick the program into posting fake messages under the users' names.
COMMUNICATION WITH VENDOR:
The vendor was contacted on the 9th of July. They still haven't
fixed this issue.
MY PATCH:
I wrote a patch for this XSS issue, and I have included it as an
attachment to this mail. I have patched against version 0.4.1.
// Ulf Harnhammar
VSU Security
ulfh@update.uu.se
- TEXT/PLAIN attachment: mynewsgroups.patch
- Previous message: Stefan Esser: "[VulnWatch] Advisory 03/2002: Fetchmail remote vulnerabilities"
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]
Relevant Pages
|
