SecurityReason.com - Our Reason is Security


Topic : MULTI SECURITY VULNERABILITIES IN MVNFORUM

SecurityAlert : 4699
CVE : CVE-2008-5399
CVE : CVE-2008-5400
CWE : CWE-79
Security Risk : Low
Remote Exploit : Yes
Local Exploit : No
Victim interaction required : No
Exploit Available : No
Credit : SVRT-Bkis
Published : 11.12.2008

Affected Software : mvnforum:mvnforum:1.1.:ga
mvnforum:mvnforum:1.0.2.:ga
mvnforum:mvnforum:1.0.0:rc4
mvnforum:mvnforum:1.0.0:rc3_01
mvnforum:mvnforum:1.0.0:rc2
mvnforum:mvnforum:1.0.0:rc1
mvnforum:mvnforum:1.0.0:beta3
mvnforum:mvnforum:1.0.0:beta2
mvnforum:mvnforum:1.0.0:beta1
mvnforum:mvnforum:1.2.:ga and previous versions



Advisory Content :

MULTI SECURITY VULNERABILITIES IN MVNFORUM

1. General Information
mvnForum is software used for creating forums on the Internet
(http://www.mvnforum.com). It is open source software built on Java J2EE
(JSP/Servlet) technology.

On September 6 2008, SVRT-Bkis found several CSRF and XSS vulnerabilities in
some functions of mvnForum 1.2 GA. These are highly serious vulnerabilities
that allow hackers to perform a privilege escalation attack on the forum.

We have contacted the development team and they have patched all those
vulnerabilities in the latest version of mvnForum 1.2.1 GA.

Details : http://security.bkis.vn/?p=286
SVRT Advisory : SVRT-06-08
Initial vendor notification : 30-10-2008
Release Date : 03-12-2008
Update Date : 03-12-2008
Discovered by : SVRT-Bkis
Attack Type : CSRF, XSS
Security Rating : Critical
Impact : Privilege escalation
Affected Software : mvnForum (version <= 1.2 GA)

2. Technical Description
We have detected five vulnerabilities in different functions of mvnForum,
four of which are CSRF (Cross-site request forgery) flaws and the other is
an XSS (Cross-site scripting) flaw.

More precisely, the four CSRF vulnerabilities allow hackers to escalate their
privileges on the forum by tricking the administrator into performing a task
that the forum carries out without asking him/her for confirmation. The tasks
exposed by these four vulnerabilities are:
- Creating a new forum in which the hacker is the administrator.
- Raising the privilege of an arbitrary account.
- Giving an arbitrary account the sub-forum administrator privilege.
- Enabling or disabling an arbitrary account.

The XSS vulnerability is in the "Who's online" function of the forum. If
hackers successfully exploit this flaw, malicious code (JavaScript) will be
executed whenever the administrator views information with this function.
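The two flaw classes described above, CSRF on state-changing administrator actions and XSS in the "Who's online" view, as an added Python example that is not part of this advisory and is not mvnForum's code. It models the two mitigations a defender wants in place: a per-session synchronizer token that every state-changing admin request must carry in a POST body, compared in constant time, and HTML escaping of every attacker-controlled field (user name, user agent, requested page) before the "Who's online" table is rendered. The Session and Request classes, the action names and the handler names are assumptions made for illustration, not mvnForum identifiers, and the sample entries are constructed.

```python
import hmac
import html
import secrets

# Assumed action names for the state-changing admin tasks; these are
# illustrative, not mvnForum's real action identifiers.
STATE_CHANGING_ACTIONS = {
    "create_forum",
    "change_member_rank",
    "grant_forum_admin",
    "set_member_status",
}


class Session:
    """Minimal server-side session holding the per-session CSRF token."""

    def __init__(self, user, is_admin):
        self.user = user
        self.is_admin = is_admin
        # Synchronizer token: random, bound to this session, never placed in a URL.
        self.csrf_token = secrets.token_urlsafe(32)


class Request:
    """Minimal HTTP request model: method, action, form params, session."""

    def __init__(self, method, action, params=None, session=None):
        self.method = method
        self.action = action
        self.params = params or {}
        self.session = session


def check_csrf(request):
    """Return (ok, reason) for a request.

    Read-only actions pass. A state-changing admin action must come from an
    authenticated administrator, must be a POST (a GET can be forged by an
    <img> tag or a link in a forum post), and must carry a token equal to the
    one stored in the session.
    """
    if request.action not in STATE_CHANGING_ACTIONS:
        return True, "read-only action"
    if request.session is None or not request.session.is_admin:
        return False, "not an authenticated administrator"
    if request.method != "POST":
        return False, "state change must be POST"
    submitted = request.params.get("csrf_token", "")
    # Constant-time comparison on bytes so non-ASCII input cannot raise.
    if not hmac.compare_digest(submitted.encode("utf-8"),
                               request.session.csrf_token.encode("utf-8")):
        return False, "missing or invalid CSRF token"
    return True, "ok"


def render_whos_online(entries):
    """Render the 'Who's online' table with every user-controlled cell escaped.

    A payload such as <script>alert(1)</script> in a user agent is emitted as
    &lt;script&gt;... and shown as text instead of being executed in the
    administrator's browser.
    """
    rows = []
    for entry in entries:
        cells = (entry["user"], entry["user_agent"], entry["page"])
        rows.append("<tr>" + "".join(
            f"<td>{html.escape(cell, quote=True)}</td>" for cell in cells
        ) + "</tr>")
    return "<table>" + "".join(rows) + "</table>"


if __name__ == "__main__":
    admin = Session("admin", is_admin=True)
    # Forged cross-site GET: rejected before the token is even looked at.
    print(check_csrf(Request("GET", "grant_forum_admin", session=admin)))
    # Legitimate POST from the admin UI carrying the session token: accepted.
    print(check_csrf(Request("POST", "grant_forum_admin",
                             {"csrf_token": admin.csrf_token}, session=admin)))
    # Constructed "Who's online" entry carrying a script payload: rendered inert.
    print(render_whos_online([{"user": "guest",
                               "user_agent": "<script>alert(1)</script>",
                               "page": "/mvnforum/index"}]))
```

The token check is deliberately ordered so the cheapest rejections happen first; the POST-only rule alone defeats image-tag and link-based forgeries, and the token defeats forms auto-submitted from an attacker's page because that page cannot read the victim's session token.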

3. Solution
Rating these vulnerabilities as highly critical, Bkis Center recommends that
all units, organizations and individuals using mvnForum immediately update
their forums to the latest version of the application, available here:
http://sourceforge.net/project/showfiles.php?group_id=65527&package_id=63007

4. Credit
Thanks to Dau Huy Ngoc for working with SVRT-Bkis.

----------------------------------------------------------------
SVRT, which is short for Security Vulnerability Research Team, is one of
Bkis researching groups. SVRT specializes in the detection, alert and
announcement of security vulnerabilities in software, operating systems,
network protocols and embedded systems.

Bach Khoa Internetwork Security Center (BKIS)
Hanoi University of Technology (Vietnam)

Email : svrt (at) bkav.com (dot) vn [email concealed]
Website : www.bkav.com.vn
WebBlog : http://security.bkis.vn
Our PGP : http://security.bkis.vn/policy/pgp/SVRT-Bkis.gpg
----------------------------------------------------------------

SVRT-Bkis



References :

http://www.securityfocus.com/bid/32605
http://www.securityfocus.com/archive/1/archive/1/498872/100/0/threaded
http://www.mvnforum.com/mvnforum/viewthread_thread,4361
http://security.bkis.vn/?p=286
http://secunia.com/advisories/32931
http://osvdb.org/50403




Copyright © SecurityReason.com. All Rights Reserved.