Vulmon Recent Vulnerabilities Research Posts Trends Blog About Contact

DSA-2121-1 typo3-src -- several vulnerabilities

Related Vulnerabilities: CVE-2010-3714   CVE-2010-3715   CVE-2010-3716   CVE-2010-3717  

Several remote vulnerabilities have been discovered in TYPO3. The Common Vulnerabilities and Exposures project identifies the following problems: CVE-2010-3714 Multiple remote file disclosure vulnerabilities in the jumpUrl mechanism and the Extension Manager allowed attackers to read files with the privileges of the account under which the web server was running. CVE-2010-3715 The TYPO3 backend contained several cross-site scripting vulnerabilities, and the RemoveXSS function did not filter all Javascript code. CVE-2010-3716 Malicious editors with user creation permission could escalate their privileges by creating new users in arbitrary groups, due to lack of input validation in the taskcenter. CVE-2010-3717 TYPO3 exposed a crasher bug in the PHP filter_var function, enabling attackers to cause the web server process to crash and thus consume additional system resources. For the stable distribution (lenny), these problems have been fixed in version 4.2.5-1+lenny6. For the unstable distribution (sid) and the upcoming stable distribution (squeeze), these problems have been fixed in version 4.3.7-1. We recommend that you upgrade your TYPO3 packages.

Source

Debian Security Advisory

DSA-2121-1 typo3-src -- several vulnerabilities

Date Reported:
19 Oct 2010
Affected Packages:
typo3-src
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2010-3714, CVE-2010-3715, CVE-2010-3716, CVE-2010-3717.
More information:

Several remote vulnerabilities have been discovered in TYPO3. The Common Vulnerabilities and Exposures project identifies the following problems:

  • CVE-2010-3714

    Multiple remote file disclosure vulnerabilities in the jumpUrl mechanism and the Extension Manager allowed attackers to read files with the privileges of the account under which the web server was running.

  • CVE-2010-3715

    The TYPO3 backend contained several cross-site scripting vulnerabilities, and the RemoveXSS function did not filter all Javascript code.

  • CVE-2010-3716

    Malicious editors with user creation permission could escalate their privileges by creating new users in arbitrary groups, due to lack of input validation in the taskcenter.

  • CVE-2010-3717

    TYPO3 exposed a crasher bug in the PHP filter_var function, enabling attackers to cause the web server process to crash and thus consume additional system resources.

For the stable distribution (lenny), these problems have been fixed in version 4.2.5-1+lenny6.

For the unstable distribution (sid) and the upcoming stable distribution (squeeze), these problems have been fixed in version 4.3.7-1.

We recommend that you upgrade your TYPO3 packages.

Fixed in:

Debian GNU/Linux 5.0 (lenny)

Source:
http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src_4.2.5.orig.tar.gz
http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src_4.2.5-1+lenny6.dsc
http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src_4.2.5-1+lenny6.diff.gz
Architecture-independent component:
http://security.debian.org/pool/updates/main/t/typo3-src/typo3-src-4.2_4.2.5-1+lenny6_all.deb
http://security.debian.org/pool/updates/main/t/typo3-src/typo3_4.2.5-1+lenny6_all.deb

MD5 checksums of the listed files are available in the original advisory.

Vulmon Search

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

About

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Products

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Connect

Twitter Reddit Linkedin Facebook

Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started