Anonymous | Login | 2024-11-14 17:18 EST |
Main | My View | View Issues | Change Log | Roadmap |
View Issue Details [ Jump to Notes ] | [ Issue History ] [ Print ] | |||||||
ID | Project | Category | View Status | Date Submitted | Last Update | |||
0001292 | PacketFence | security | public | 2011-10-03 11:03 | 2011-10-24 20:17 | |||
Reporter | mattd | |||||||
Assigned To | obilodeau | |||||||
Priority | normal | Severity | major | Reproducibility | always | |||
Status | closed | Resolution | fixed | |||||
Platform | OS | OS Version | ||||||
Product Version | devel | |||||||
Target Version | 3.0.2 | Fixed in Version | 3.0.2 | |||||
Summary | 0001292: XSS in web adminstration interface (login.php) | |||||||
Description | In the web administation login page (html/admin/login.php), the 'p' parameter, passed in as a HTTP GET parameter, is not properly escaped in the output. This leads to XSS. | |||||||
Additional Information | A sample request, triggering the XSS: login.php?p=%22%3E%3Cscript%3Ealert%28document.cookie%29%3C/script%3E%3Cx%20x%3D%22 | |||||||
Tags | No tags attached. | |||||||
fixed in git revision | ||||||||
fixed in mtn revision | b3af2b197670c53ffb3992f3d14fbb028b35b927 | |||||||
Attached Files | security-fix-1292.patch [^] (886 bytes) 2011-10-11 14:17 [Show Content] | |||||||
Notes | |
(0002310) obilodeau (reporter) 2011-10-03 11:06 |
Thanks for the report! We will fix this shortly. |
(0002328) obilodeau (reporter) 2011-10-06 13:46 |
Ok, I'm looking at these now but first: - Do you plan on getting CVE numbers for the vulnerabilities? - Can you send me your full name and organization (optional) for the finding credits in the release notes. Thanks, |
(0002331) mattd (reporter) 2011-10-07 22:06 |
CVEs: Nope, I think it'd be better if you as vendor get them. Credit: Matthew Daley. Thanks! |
(0002332) obilodeau (reporter) 2011-10-11 14:17 |
Fix committed in revno: b3af2b197670c53ffb3992f3d14fbb028b35b927 I requested CVE numbers. Fix will be released in 3.0.2 shortly. Those you can't wait or who won't upgrade in a timely fashion should apply the attached patch. It should apply cleanly on most packetfence versions known to man (it's long standing vuln). |
(0002362) obilodeau (reporter) 2011-10-17 10:37 |
This vulnerability has been assigned: CVE-2011-4067 |
(0002386) obilodeau (reporter) 2011-10-24 20:15 |
fix released in 3.0.2 |
Issue History | |||
Date Modified | Username | Field | Change |
2011-10-03 11:03 | mattd | New Issue | |
2011-10-03 11:05 | obilodeau | Status | new => assigned |
2011-10-03 11:05 | obilodeau | Assigned To | => obilodeau |
2011-10-03 11:06 | obilodeau | Note Added: 0002310 | |
2011-10-06 13:46 | obilodeau | Note Added: 0002328 | |
2011-10-07 22:06 | mattd | Note Added: 0002331 | |
2011-10-11 14:17 | obilodeau | mtn revision | => b3af2b197670c53ffb3992f3d14fbb028b35b927 |
2011-10-11 14:17 | obilodeau | Note Added: 0002332 | |
2011-10-11 14:17 | obilodeau | Status | assigned => resolved |
2011-10-11 14:17 | obilodeau | Fixed in Version | => +1 |
2011-10-11 14:17 | obilodeau | Resolution | open => fixed |
2011-10-11 14:17 | obilodeau | File Added: security-fix-1292.patch | |
2011-10-17 10:37 | obilodeau | Note Added: 0002362 | |
2011-10-24 16:45 | obilodeau | View Status | private => public |
2011-10-24 20:15 | obilodeau | Target Version | => 3.0.2 |
2011-10-24 20:15 | obilodeau | Note Added: 0002386 | |
2011-10-24 20:16 | obilodeau | Status | resolved => closed |
2011-10-24 20:17 | obilodeau | Fixed in Version | +1 => 3.0.2 |
Copyright © 2000 - 2012 MantisBT Group |