Full Disclosure mailing list archives
Edgewall Trac SQL Injection Vulnerability
From: David Maciejak <david.maciejak () kyxar fr>
Date: Thu, 1 Dec 2005 22:52:01 +0100
Edgewall Trac SQL Injection Vulnerability Trac is an enhanced wiki and issue tracking system for software development project. It provides an interface to Subversion. More information on http://projects.edgewall.com/trac/ Description: Malicious user can conduct SQL injection in ticket query module because supplied 'group' URI data passed to the query script is not properly sanitized. PoC: http://host/trac/query?group=/* Vulnerable version: Version tested is 0.9 Maybe 0.9 betas are also vulnerable Solution: Upgrade to version 0.9.1 http://projects.edgewall.com/trac/wiki/TracDownload Thanks for the quick fix of the Trac Team ! David Maciejak -------------------------------------------------------------------------------- KYXAR.FR - Mail envoyé depuis http://webmail.kyxar.fr _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
Current thread:
- Edgewall Trac SQL Injection Vulnerability David Maciejak (Dec 01)