[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-Id: <201210052311.38808.geissert@debian.org>
Date: Fri, 5 Oct 2012 23:11:36 -0500
From: Raphael Geissert <geissert@...ian.org>
To: oss-security@...ts.openwall.com
Subject: CVE request: LetoDMS, more issues
Hi,
Some more issues were fixed in LetoDMS...
* Fixed in 3.3.8
Multiple XSS:
http://mydms.svn.sourceforge.net/viewvc/mydms/branches/letoDMS-3.3.x/inc/inc.ClassUI.php?r1=930&r2=929&pathrev=930
http://mydms.svn.sourceforge.net/viewvc/mydms/branches/letoDMS-3.3.x/out/out.DocumentNotify.php?r1=934&r2=933&pathrev=934
(and a few others scattered in multiple other commits)
Missing CSRF protection (all part of the same thing):
http://mydms.svn.sourceforge.net/viewvc/mydms?view=revision&revision=927
http://mydms.svn.sourceforge.net/viewvc/mydms?view=revision&revision=915
http://mydms.svn.sourceforge.net/viewvc/mydms?view=revision&revision=914
http://mydms.svn.sourceforge.net/viewvc/mydms?view=revision&revision=907
(and possibly some others...)
* Fixed in 3.3.9
Multiple XSS in out/out.UsrMgr.php:
http://mydms.svn.sourceforge.net/viewvc/mydms/branches/letoDMS-3.3.x/out/out.UsrMgr.php?r1=979&r2=978&pathrev=979
Regression in the above patch (fixed after the release of 3.3.9):
http://mydms.svn.sourceforge.net/viewvc/mydms/branches/letoDMS-3.3.x/out/out.UsrMgr.php?r1=982&r2=981&pathrev=982
LetoDMS Core:
* Fixed in 3.3.8:
SQL injection:
http://mydms.svn.sourceforge.net/viewvc/mydms/branches/letoDMS-3.3.x/LetoDMS_Core/Core/inc.ClassDMS.php?r1=929&r2=928&pathrev=929
etc
Cheers,
--
Raphael Geissert - Debian Developer
www.debian.org - get.debian.net
Powered by blists - more mailing lists
Please check out the
Open Source Software Security Wiki, which is counterpart to this
mailing list.
Confused about mailing lists and their use?
Read about mailing lists on Wikipedia
and check out these
guidelines on proper formatting of your messages.
