lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date: Thu, 18 Oct 2007 21:01:35 +0100
From: Tim Brown <timb@...-dimension.org.uk>
To: bugtraq@...urityfocus.com
Cc: full-disclosure@...ts.grok.org.uk, news@...uriteam.com
Subject: Serious holes affecting SiteBar 3.3.8

All,

As a result of a short security audit of SiteBar, a number of security holes 
were found.  The holes included code execution, a malicious redirect and 
multiple cases of Javascript injection.

After liasing with the developers, the holes have been patched.  Attached are 
the advisory and patch relating to these flaws.

CVEs open already relating to this audit:

* CVE-2006-3320 (Javascript injection) - previously reported by other parties 
but not resolved and so included for completeness

* CVE-2007-5492 (code execution) - first reported in my attached advisory to 
the vendor, independently rediscovered by Robert Buchholz of Gentoo whilst 
auditing the differences between the patched and unpatched versions (3.3.8 vs 
3.3.9)

* CVE-2007-5491 (file permissions issue) - apparently patched by the vendor at 
the same time as my issues were resolved and discovered by Robert Buchholz of 
Gentoo whilst auditing the differences between the patched and unpatched 
versions (3.3.8 vs 3.3.9)

It is intended that CVE-2007-5492 will be updated to reference both code 
execution flaws I reported.  All other issues in the advisory have been 
patched but no CVEs have yet been requested or assigned to the best of my 
knowledge.

Tim
-- 
Tim Brown
<mailto:timb@...-dimension.org.uk>
<http://www.nth-dimension.org.uk/>

View attachment "fixedvulnerability.patch" of type "text/x-diff" (36652 bytes)

Download attachment "NDSA20071016.txt.asc" of type "application/pgp-keys" (4740 bytes)

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ