From owner-freebsd-ports-bugs@FreeBSD.ORG Wed Sep 29 07:40:04 2010 Return-Path: Delivered-To: freebsd-ports-bugs@hub.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D49C4106564A for ; Wed, 29 Sep 2010 07:40:04 +0000 (UTC) (envelope-from gnats@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [IPv6:2001:4f8:fff6::28]) by mx1.freebsd.org (Postfix) with ESMTP id A86468FC29 for ; Wed, 29 Sep 2010 07:40:04 +0000 (UTC) Received: from freefall.freebsd.org (localhost [127.0.0.1]) by freefall.freebsd.org (8.14.4/8.14.4) with ESMTP id o8T7e4bt060503 for ; Wed, 29 Sep 2010 07:40:04 GMT (envelope-from gnats@freefall.freebsd.org) Received: (from gnats@localhost) by freefall.freebsd.org (8.14.4/8.14.4/Submit) id o8T7e42m060502; Wed, 29 Sep 2010 07:40:04 GMT (envelope-from gnats) Date: Wed, 29 Sep 2010 07:40:04 GMT Message-Id: <201009290740.o8T7e42m060502@freefall.freebsd.org> To: freebsd-ports-bugs@FreeBSD.org From: Florian Smeets Cc: Subject: Re: ports/151055: [MAINTAINER] [security] www/phpmyfaq: update to 2.6.9, fix XSS vulnerability X-BeenThere: freebsd-ports-bugs@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list Reply-To: Florian Smeets List-Id: Ports bug reports List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 29 Sep 2010 07:40:05 -0000 The following reply was made to PR ports/151055; it has been noted by GNATS. From: Florian Smeets To: bug-followup@FreeBSD.org Cc: Subject: Re: ports/151055: [MAINTAINER] [security] www/phpmyfaq: update to 2.6.9, fix XSS vulnerability Date: Wed, 29 Sep 2010 09:36:16 +0200 This is a multi-part message in MIME format. --------------060105080902070007030508 Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Here is the vuxml entry. --------------060105080902070007030508 Content-Type: text/plain; x-mac-type="0"; x-mac-creator="0"; name="vuxml.diff" Content-Transfer-Encoding: 7bit Content-Disposition: attachment; filename="vuxml.diff" --- vuln.xml.old 2010-09-29 09:06:01.000000000 +0200 +++ vuln.xml 2010-09-29 09:21:18.000000000 +0200 @@ -34,6 +34,36 @@ --> + + phpmyfaq -- XSS vulnerabilities + + + phpmyfaq + 2.6.02.6.9 + + + + +

The phpMyFAQ project reports:

+
+

The phpMyFAQ Team has learned of a security issue that has been + discovered in phpMyFAQ 2.6.x

+

phpMyFAQ doesn't sanitize some variables in different pages + correctly. With a properly crafted URL it is e.g. possible to inject + JavaScript code into the output of a page, which could result in the + leakage of domain cookies (f.e. session identifiers).

+
+ + + + http://www.phpmyfaq.de/advisory_2010-09-28.php + + + 2010-09-28 + 2010-09-29 + + + openx -- remote code execution vulnerability --------------060105080902070007030508--