[Secure-testing-team] Bug#513158: CVE-2009-0260: Multiple cross-site scripting vulnerabilities
Steffen Joeris
steffen.joeris at skolelinux.de
Mon Jan 26 21:44:28 UTC 2009
Package: python-moinmoin
Severity: grave
Tags: security, patch
Justification: user security hole
Hi,
the following CVE (Common Vulnerabilities & Exposures) id was
published for moin.
CVE-2009-0260[0]:
| Multiple cross-site scripting (XSS) vulnerabilities in
| action/AttachFile.py in MoinMoin before 1.8.1 allow remote attackers
| to inject arbitrary web script or HTML via an AttachFile action to the
| WikiSandBox component with (1) the rename parameter or (2) the drawing
| parameter (aka the basename variable).
The upstream patch can be found here[1]. Please note that despite the
CVE description, version 1.8.1 in sid is still vulnerable.
Also, I haven't looked at the attack vector yet, but if we end up fixing
this for stable as well, we should adjust the wikiutil.escape function
to also take care of single quotes "'".
However, the patch should be trivial as well.
If you fix the vulnerability please also make sure to include the
CVE id in your changelog entry.
Cheers
Steffen
For further information see:
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2009-0260
http://security-tracker.debian.net/tracker/CVE-2009-0260
[1] http://hg.moinmo.in/moin/1.8/rev/8cb4d34ccbc1
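As an added illustration of the point about wikiutil.escape above (this is example code, not MoinMoin's own escape function and not part of the bug report): an escaper that only handles `&`, `<`, `>` and double quotes leaves a value unsafe inside a single-quoted attribute, whereas one that also escapes `'` can be used in either quoting style. The function names (`escape_basic`, `escape`, `attr_value_is_safe`, `render_attr`) and the sample strings are constructed for the example.

```python
# Added example, not MoinMoin code: an HTML escaper that also handles single
# quotes, next to the narrower variant that does not, and a check that shows
# why the difference matters for attribute values.

# The five characters that can change HTML structure and their replacements.
# A numeric reference is used for the single quote because &apos; is not a
# defined entity in HTML 4.
_ESCAPES = {
    "&": "&amp;",
    "<": "&lt;",
    ">": "&gt;",
    '"': "&quot;",
    "'": "&#39;",
}


def escape_basic(s):
    """Escape &, <, > and double quotes only (the narrower behaviour).

    Ampersand is replaced first so that the other replacements are not
    double-escaped.
    """
    return (s.replace("&", "&amp;")
             .replace("<", "&lt;")
             .replace(">", "&gt;")
             .replace('"', "&quot;"))


def escape(s):
    """Escape all five structural characters, including single quotes.

    A per-character table lookup means the order of replacements is not an
    issue here.
    """
    return "".join(_ESCAPES.get(ch, ch) for ch in s)


def attr_value_is_safe(escaped):
    """Return True if the escaped text contains none of the characters that
    can close an attribute value or open a tag, whatever the quoting style."""
    return not any(ch in escaped for ch in "<>\"'")


def render_attr(name, value):
    """Render name='value' using the fuller escaper (constructed helper that
    stands in for a template emitting a single-quoted attribute)."""
    return "%s='%s'" % (name, escape(value))


if __name__ == "__main__":
    sample = "O'Reilly"  # constructed input containing a single quote
    print(escape_basic(sample))   # single quote passes through unchanged
    print(escape(sample))         # single quote becomes &#39;
    print(render_attr("title", "Bob's file"))
```

Python's standard library `html.escape(s, quote=True)` behaves like `escape` here (it emits `&#x27;` rather than `&#39;`, which is equivalent). The design point the report makes is that an escaper is only as safe as the widest context it is used in: once a template puts an escaped value inside single quotes, the escaper has to treat `'` as a structural character too.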