Message-ID: <1516926920.28600951.1352288638704.JavaMail.root@redhat.com>
Date: Wed, 7 Nov 2012 06:43:58 -0500 (EST)
From: Jan Lieskovsky <jlieskov@...hat.com>
To: oss-security@...ts.openwall.com
Cc: "Steven M. Christey" <coley@...us.mitre.org>, Jan Pokorny <jpokorny@...hat.com>, Matthew Wilkes <matthew.wilkes@...ne.org>, Plone Security Team <security@...ne.org>, Mitre CVE assign department <cve-assign@...re.org>
Subject: CVE Request - Zope / Plone: Multiple vectors corrected within 20121106 fix

Hello Kurt, Steve, vendors,

Plone upstream has issued 20121106 HotFix correcting multiple security issues:

1) http://plone.org/products/plone/security/advisories/20121106/
2) http://plone.org/products/plone/security/advisories/20121106-announcement

Issues recapitulation (from 1) ):

a) Restricted Python injection
b) Reflexive HTTP header injection
c) Restricted Python sandbox escape
d) Restricted Python injection
e) Partial restricted Python sandbox escape
f) Reflexive XSS
g) Partial permissions bypass
h) Restricted Python sandbox escape
i) Reflexive XSS
j) Restricted Python injection
k) DoS through unsanitised inputs into Kupu
l) Anonymous users can list user account names
m) Partial denial of service through Collections functionality
n) Partial denial of service through internal function
o) Anonymous users can batch change titles of content items
p) Crafted URL allows downloading of BLOBs that are not visible to the user
q) Persistent XSS via filtering bypass
r) Users connected through FTP can list hidden folder contents
s) Persistent XSS
t) Attempting to access a view with no name returns an internal data structure
u) DoS through RSS on private folder
v) Timing attack in password validation
w) PRNG isn't reseeded
x) Form detail exposure

=> preliminary 24 CVE ids needed.

Could you allocate CVE ids for these? Please take this post as an initial heads-up for vendors regarding them.
In subsequent posts I will try to provide as many details about these as possible (so we are able to determine how many of them are in fact needed).

Thank you && Regards, Jan.
--
Jan iankko Lieskovsky / Red Hat Security Response Team