Message-Id: <20071019131820.1BD25DA827@mailserver7.hushmail.com>
Date: Fri, 19 Oct 2007 09:18:19 -0400
From: <full-disclosure@....hush.com>
To: <bugtraq@...urityfocus.com>,<timb@...-dimension.org.uk>
Cc: full-disclosure@...ts.grok.org.uk, news@...uriteam.com
Subject: Re: Serious holes affecting SiteBar 3.3.8
Of course the bugs are serious, security is never a joking matter!
-JP<classic comedian>
On Thu, 18 Oct 2007 16:01:35 -0400 Tim Brown <timb@...-dimension.org.uk> wrote:
>All,
>
>As a result of a short security audit of SiteBar, a number of security holes
>were found. The holes included code execution, a malicious redirect and
>multiple cases of Javascript injection.
>
>After liaising with the developers, the holes have been patched. Attached are
>the advisory and patch relating to these flaws.
>
>CVEs open already relating to this audit:
>
>* CVE-2006-3320 (Javascript injection) - previously reported by other parties
>but not resolved and so included for completeness
>
>* CVE-2007-5492 (code execution) - first reported in my attached advisory to
>the vendor, independently rediscovered by Robert Buchholz of Gentoo whilst
>auditing the differences between the patched and unpatched versions (3.3.8 vs
>3.3.9)
>
>* CVE-2007-5491 (file permissions issue) - apparently patched by the vendor at
>the same time as my issues were resolved and discovered by Robert Buchholz of
>Gentoo whilst auditing the differences between the patched and unpatched
>versions (3.3.8 vs 3.3.9)
>
>It is intended that CVE-2007-5492 will be updated to reference both code
>execution flaws I reported. All other issues in the advisory have been patched
>but no CVEs have yet been requested or assigned to the best of my knowledge.
>
>Tim
>--
>Tim Brown
><mailto:timb@...-dimension.org.uk>
><http://www.nth-dimension.org.uk/>