thr3ads.net - Secure testing team - [Secure-testing-team] Bug#513158: CVE-2009-0260: Multiple cross-site scripting vulnerabilities [Jan 2009]

If this information is useful, please help other people find it:
Share via:

Steffen Joeris

2009-Jan-26 21:44 UTC

[Secure-testing-team] Bug#513158: CVE-2009-0260: Multiple cross-site scripting vulnerabilities

Package: python-moinmoin
Severity: grave
Tags: security, patch
Justification: user security hole

Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for moin.

CVE-2009-0260[0]:
| Multiple cross-site scripting (XSS) vulnerabilities in
| action/AttachFile.py in MoinMoin before 1.8.1 allow remote attackers
| to inject arbitrary web script or HTML via an AttachFile action to the
| WikiSandBox component with (1) the rename parameter or (2) the drawing
| parameter (aka the basename variable).

The upstream patch can be found here[1]. Please note that despite the
CVE description, version 1.8.1 in sid is still vulnerable.

Also, I haven''t looked at the attack vector yet, but if we end up
fixing
this for stable as well, we should adjust the wikiutil.escape function
to also take care of single quotes "''".
However, the patch should be trivial as well.

If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.

Cheers
Steffen

For further information see:

[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0260
    http://security-tracker.debian.net/tracker/CVE-2009-0260
[1] http://hg.moinmo.in/moin/1.8/rev/8cb4d34ccbc1

Secure testing team - Jan 2009 - Bug#513158: CVE-2009-0260: Multiple cross-site scripting vulnerabilities

[Secure-testing-team] Bug#513158: CVE-2009-0260: Multiple cross-site scripting vulnerabilities