[VIM] Utopia News Pro issues acknowledged/fixed
Steven M. Christey
coley at mitre.org
Wed Dec 14 23:27:12 EST 2005
After a couple email exchanges to help explain the specifics of the
issues to the developer, fixes have been posted to the web site within
a day of my initial email inquiry. See CVE's below.
The "Utopia News Pro File Updates" news item on December 15, 2005 says
"The header and footer files of UNP have been updated to reflect
increasing security awareness."
- Steve
======================================================
Name: CVE-2005-3200
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3200
Reference: BUGTRAQ:20051007 Utopia News Pro 1.1.3 SQL Injection / cross site scripting
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=112872691119874&w=2
Reference: CONFIRM:http://www.utopiasoftware.net/
Reference: BID:15027
Reference: URL:http://www.securityfocus.com/bid/15027
Reference: SECUNIA:17115
Reference: URL:http://secunia.com/advisories/17115/
Reference: XF:utopianewspro-header-footer-xss(22554)
Reference: URL:http://xforce.iss.net/xforce/xfdb/22554
Multiple cross-site scripting (XSS) vulnerabilities in Utopia News Pro
(UNP) 1.1.3 and 1.1.4 allow remote attackers to inject arbitrary web
script or HTML via (1) the sitetitle parameter in header.php and (2)
the version and (3) query_count parameters in footer.php.
======================================================
Name: CVE-2005-3201
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3201
Reference: BUGTRAQ:20051007 Utopia News Pro 1.1.3 SQL Injection / cross site scripting
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=112872691119874&w=2
Reference: CONFIRM:http://www.utopiasoftware.net/
Reference: BID:15028
Reference: URL:http://www.securityfocus.com/bid/15028
Reference: SECUNIA:17115
Reference: URL:http://secunia.com/advisories/17115/
Reference: XF:utopianewspro-news-sql-injection(22555)
Reference: URL:http://xforce.iss.net/xforce/xfdb/22555
SQL injection vulnerability in news.php for Utopia News Pro (UNP)
1.1.3, when magic_quotes_gpc is disabled and register_globals is
enabled, allows remote attackers to execute arbitrary SQL via the
newsid parameter.
======================================================
Name: CVE-2005-4223
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4223
Reference: BUGTRAQ:20051211 [PHP-CHECKER] 99 potential SQL injection vulnerabilities
Reference: URL:http://www.securityfocus.com/archive/1/archive/1/419280/100/0/threaded
Reference: BUGTRAQ:20051212 [PHP-CHECKER] 99 potential SQL injection vulnerabilities
Reference: URL:http://www.securityfocus.com/archive/1/archive/1/419487/100/0/threaded
Reference: MISC:http://glide.stanford.edu/yichen/research/sec.pdf
Reference: FRSIRT:ADV-2005-2859
Reference: URL:http://www.frsirt.com/english/advisories/2005/2859
Reference: OSVDB:21645
Reference: URL:http://www.osvdb.org/21645
Reference: OSVDB:21646
Reference: URL:http://www.osvdb.org/21646
Reference: OSVDB:21647
Reference: URL:http://www.osvdb.org/21647
Reference: OSVDB:21648
Reference: URL:http://www.osvdb.org/21648
Reference: OSVDB:21649
Reference: URL:http://www.osvdb.org/21649
Reference: SECUNIA:17988
Reference: URL:http://secunia.com/advisories/17988/
Multiple "potential" SQL injection vulnerabilities in Utopia News Pro
(UNP) 1.1.4 might allow remote attackers to execute arbitrary SQL
commands via (1) the newsid parameter in editnews.php, (2) the catid
and question parameters in faq.php, (3) the poster parameter in
postnews.php, (4) the tempid parameter in templates.php, and (5) the
userid and groupid parameters in users.php.
More information about the VIM
mailing list