Information Security


Summary of security vulnerabilities in Web applications (PHP, ASP, JSP, CGI, Perl)
Published: 3 June 2012
Source:
SecurityVulns ID: 12399
Type: remote
Severity level: 5/10
Description: PHP injection, SQL injection, directory traversal, cross-site scripting, file modification, information leakage, etc.
Affected products: ACUITY : Acuity CMS 2.6
 LIFERAY : Liferay 6.1
 PLIGG : Pligg CMS 1.2
 PRAGMAMX : pragmaMx 1.12
 SOCIALENGINE : Social Engine 4.2
 GANESHA : Ganesha Digital Library 4.0
 MAPTOOLS : Mapserver for Windows 3.0
 REQUESTTRACKER : request-tracker 3.8
 LOGANALYZER : LogAnalyzer 3.4
 SCLOGIC : SCLIntra Enterprise 5.5
 SYMPA : sympa 6.1
 IKIWIKI : ikiwiki 3.20120516
 B2EPMS : b2ePMS 1.0
CVE: CVE-2012-2452
 CVE-2012-2436 (Multiple cross-site scripting (XSS) vulnerabilities in Pligg CMS before 1.2.2 allow remote attackers to inject arbitrary web script or HTML via (1) an arbitrary parameter in a move or (2) minimize action to admin/admin_index.php; (3) the karma_username parameter to module.php in the karma module; (4) q_1_low, (5) q_1_high, (6) q_2_low, or (7) q_2_high parameter in a configure action to module.php in the captcha module; or (8) the edit parameter to module.php in the admin_language module.)
 CVE-2012-2435 (Directory traversal vulnerability in the captcha module in Pligg CMS before 1.2.2 allows remote authenticated users to include and execute arbitrary local files via a .. (dot dot) in the captcha parameter to module.php, as demonstrated by cross-site request forgery (CSRF) attacks.)
 CVE-2012-2352 (The archive management (arc_manage) page in wwsympa/wwsympa.fcgi.in in Sympa before 6.1.11 does not check permissions, which allows remote attackers to list, read, and delete arbitrary list archives via vectors related to the (1) do_arc_manage, (2) do_arc_download, or (3) do_arc_delete functions.)
 CVE-2012-2216
 CVE-2012-2098 (Algorithmic complexity vulnerability in the sorting algorithms in bzip2 compressing stream (BZip2CompressorOutputStream) in Apache Commons Compress before 1.4.1 allows remote attackers to cause a denial of service (CPU consumption) via a file with many repeating inputs.)
 CVE-2012-0220 (Multiple cross-site scripting (XSS) vulnerabilities in the meta plugin (Plugin/meta.pm) in ikiwiki before 3.20120516 allow remote attackers to inject arbitrary web script or HTML via the (1) author or (2) authorurl meta tags.)
 CVE-2011-4460 (SQL injection vulnerability in Best Practical Solutions RT 2.x and 3.x before 3.8.12 and 4.x before 4.0.6 allows remote authenticated users to execute arbitrary SQL commands by leveraging access to a privileged account.)
 CVE-2011-4459 (Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 does not properly disable groups, which allows remote authenticated users to bypass intended access restrictions in opportunistic circumstances by leveraging a group membership.)
 CVE-2011-4458 (Best Practical Solutions RT 3.6.x, 3.7.x, and 3.8.x before 3.8.12 and 4.x before 4.0.6, when the VERPPrefix and VERPDomain options are enabled, allows remote attackers to execute arbitrary code via unspecified vectors, a different vulnerability than CVE-2011-5092 and CVE-2011-5093.)
 CVE-2011-2085 (Multiple cross-site request forgery (CSRF) vulnerabilities in Best Practical Solutions RT before 3.8.12 and 4.x before 4.0.6 allow remote attackers to hijack the authentication of arbitrary users.)
 CVE-2011-2084 (Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 allows remote authenticated users to read (1) hashes of former passwords and (2) ticket correspondence history by leveraging access to a privileged account.)
 CVE-2011-2083 (Multiple cross-site scripting (XSS) vulnerabilities in Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 allow remote attackers to inject arbitrary web script or HTML via unspecified vectors.)
 CVE-2011-2082 (The vulnerable-passwords script in Best Practical Solutions RT 3.x before 3.8.12 and 4.x before 4.0.6 does not update the password-hash algorithm for disabled user accounts, which makes it easier for context-dependent attackers to determine cleartext passwords, and possibly use these passwords after accounts are re-enabled, via a brute-force attack on the database. NOTE: this vulnerability exists because of an incomplete fix for CVE-2011-0009.)
Original text: pereira_(at)_secbiz.de, b2ePMS 1.0 Authentication Bypass Vulnerability (03.06.2012)
 Jelmer Kuperus, Liferay users can assign themselves to organizations, leading to possible privilege escalation (03.06.2012)
 Jelmer Kuperus, Liferay 6.1 json webservices are subject to cross-site request forgery attacks (03.06.2012)
 Jelmer Kuperus, Liferay 6.1 can be compromised without having an account on the portal (03.06.2012)
 Jelmer Kuperus, Guests can view names and email addresses of all Liferay users in liferay 6.1 (03.06.2012)
 Jelmer Kuperus, Multiple xss issues in Liferay (03.06.2012)
 ddivulnalert_(at)_ddifrontline.com, DDIVRT-2012-44 Epicor Returns Management SOAP-Based Blind SQL Injection (03.06.2012)
 DEBIAN, [SECURITY] [DSA 2474-1] ikiwiki security update (03.06.2012)
 DEBIAN, [SECURITY] [DSA 2477-1] sympa security update (03.06.2012)
 ddivulnalert_(at)_ddifronline.com, DDIVRT-2012-43 SCLIntra Enterprise SQL Injection and Authentication Bypass (03.06.2012)
 Filippo Cavallarin, Multiple vulnerabilities in LogAnalyzer (03.06.2012)
 DEBIAN, [SECURITY] [DSA 2480-1] request-tracker3.8 security update (03.06.2012)
 DEBIAN, [SECURITY] [DSA 2480-2] request-tracker3.8 regression update (03.06.2012)
 bruk0ut.sec_(at)_gmail.com, Mapserver for Windows (MS4W) Remote Code Execution (03.06.2012)
 YGN Ethical Hacker Group, Acuity CMS 2.6.x <= Arbitrary File Upload (03.06.2012)
 YGN Ethical Hacker Group, Acuity CMS 2.6.x <= Path Traversal Arbitrary File Access (03.06.2012)
 MustLive, New XSS vulnerability in Yandex.Server (03.06.2012)
 Steevee a.k.a Stefanus, Ganesha Digital Library 4.0 Multiple Vulnerabilities (03.06.2012)
 Tiago Natel de Moura, CVE-2012-2216 - Social Engine Multiples Vulnerabilities (XSS and CSRF) (03.06.2012)
 High-Tech Bridge Security Research, Multiple XSS in pragmaMx (03.06.2012)
 High-Tech Bridge Security Research, Multiple vulnerabilities in Pligg CMS (03.06.2012)

About the site | Terms of use
© SecurityVulns, 3APA3A, Vladimir Dubrovin
Nizhny Novgorod