Date: Sun, 6 Jan 2013 20:37:24 +0000 (UTC) From: Eygene Ryabinkin <rea@FreeBSD.org> To: ports-committers@freebsd.org, svn-ports-all@freebsd.org, svn-ports-head@freebsd.org Subject: svn commit: r310013 - head/security/vuxml Message-ID: <201301062037.r06KbO45038167@svn.freebsd.org>
Author: rea Date: Sun Jan 6 20:37:24 2013 New Revision: 310013 URL: http://svnweb.freebsd.org/changeset/ports/310013 Log: VuXML: extend entry for MoinMoin vulnerabilities fixed in 1.9.6 Use more verbose descriptions from CVE entries and trim citation from CHANGES to the relevant parts. Modified: head/security/vuxml/vuln.xml Modified: head/security/vuxml/vuln.xml ============================================================================== --- head/security/vuxml/vuln.xml Sun Jan 6 19:56:54 2013 (r310012) +++ head/security/vuxml/vuln.xml Sun Jan 6 20:37:24 2013 (r310013) 
@@ -161,21 +161,40 @@ Note: Please add new entries to the beg </affects> <description> <body xmlns="http://www.w3.org/1999/xhtml"> - <p>Thomas Waldmann reports:</p> + <p>MoinMoin developers report the following vulnerabilities + as fixed in version 1.9.6:</p> <blockquote cite="http://hg.moinmo.in/moin/1.9/raw-file/1.9.6/docs/CHANGES"> - <p>SECURITY HINT: make sure you have allow_xslt = False (or just do - not use allow_xslt at all in your wiki configs, False is the - internal default). Allowing XSLT/4suite is very dangerous, see - HelpOnConfiguration wiki page.</p> - - <p>Fixes:</p> <ul> - <li>fix remote code execution vulnerability in - twikidraw/anywikidraw action</li> - <li>fix path traversal vulnerability in AttachFile action</li> - <li>fix XSS issue, escape page name in rss link.</li> + <li>remote code execution vulnerability in + twikidraw/anywikidraw action,</li> + <li>path traversal vulnerability in AttachFile action,</li> + <li>XSS issue, escape page name in rss link.</li> </ul> </blockquote> + <p>CVE entries at MITRE furher clarify:</p> + <blockquote cite="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-6081"> + <p>Multiple unrestricted file upload vulnerabilities in the + (1) twikidraw (action/twikidraw.py) and (2) anywikidraw + (action/anywikidraw.py) actions in MoinMoin before 1.9.6 + allow remote authenticated users with write permissions to + execute arbitrary code by uploading a file with an + executable extension, then accessing it via a direct request + to the file in an unspecified directory, as exploited in the + wild in July 2012.</p> + </blockquote> + <blockquote cite="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-6080"> + <p>Directory traversal vulnerability in the + _do_attachment_move function in the AttachFile action + (action/AttachFile.py) in MoinMoin 1.9.3 through 1.9.5 + allows remote attackers to overwrite arbitrary files via a + .. 
(dot dot) in a file name.</p> + </blockquote> + <blockquote cite="http://cve.mitre.org/cgi-bin/cvename.cgi?name=2012-6082"> + <p>Cross-site scripting (XSS) vulnerability in the rsslink + function in theme/__init__.py in MoinMoin 1.9.5 allows + remote attackers to inject arbitrary web script or HTML + via the page name in a rss link.</p> + </blockquote> </body> </description> <references>
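Review bot: the added line `<p>CVE entries at MITRE furher clarify:</p>` misspells "further"; this paragraph is rendered verbatim on the VuXML page, so it should read `<p>CVE entries at MITRE further clarify:</p>`. Two smaller points on the same hunk: the `cite` attributes pass the bare identifier (`cvename.cgi?name=2012-6081`), whereas the canonical query form used elsewhere in vuln.xml is `name=CVE-2012-6081`, so consider using the full CVE ids for consistency; and since the description now quotes all three CVE texts, the `<references>` block that follows the hunk should carry `<cvename>` entries for CVE-2012-6080, CVE-2012-6081 and CVE-2012-6082 so the entry is discoverable by id.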