[prev in list] [next in list] [prev in thread] [next in thread]
List: oss-security
Subject: Re: [oss-security] CVE id request: typo3 SA-2009-001
From: Nico Golde <oss-security+ml () ngolde ! de>
Date: 2009-01-23 17:24:20
Message-ID: 20090123172419.GA16477 () ngolde ! de
[Download RAW message or body]
Hi,
* Steven M. Christey <coley@linus.mitre.org> [2009-01-23 13:09]:
[...]
> ======================================================
> Name: CVE-2009-0258
> Status: Candidate
> URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0258
> Reference: CONFIRM:http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-001/
> Reference: BID:33376
> Reference: URL:http://www.securityfocus.com/bid/33376
> Reference: SECUNIA:33617
> Reference: URL:http://secunia.com/advisories/33617
> Reference: XF:typo3-indexedsearch-command-execution(48138)
> Reference: URL:http://xforce.iss.net/xforce/xfdb/48138
>
> Unspecified vulnerability in the Indexed Search Engine
> (indexed_search) system extension in TYPO3 4.0.0 through 4.0.9, 4.1.0
> through 4.1.7, and 4.2.0 through 4.2.3 allows remote attackers to
> execute arbitrary commands via unknown vectors related to the
> command-line indexer.
Thanks for the ids!
I am just working on a security update for typo3. Looking at
the patch used for CVE-2009-0258 it is pretty obvious that
this is exploitable via a crafted filename which is passed
to various system utilities to get information of the file
content.
Cheers
Nico
--
Nico Golde - http://www.ngolde.de - nion@jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
[Attachment #3 (application/pgp-signature)]
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic