oss-sec mailing list archives
Re: CVE request: sympa (try again)
From: micah anderson <micah () riseup net>
Date: Tue, 15 May 2012 11:26:50 -0400
On Fri, 11 May 2012 23:58:33 -0600, Kurt Seifried <kseifried () redhat com> wrote:
Ok I see this one and several more: ================================ 6.1.11 May 11, 2012 Bug fixes: [7358] wwsympa/wwsympa.fcgi.in: Fixing a potential security issue related to archives
This is the CVE-2012-2352 that you assigned, upstream Sympa has now created a page for security issues, this is one is detailed on there: https://www.sympa.org/security_advisories#security_advisories
6.1.1 October 22, 2010 This version includes a lots news such as DKIM support, autosignoff footer link included in lists messages, ... Various vulnerability have been solved in 6.1.1 : cross side scripting, cross-Site request forgeries, brute force attack, DOS. These vulnerabilities were identified with the help of P. Gardenat (Rectorat de Rennes) during a security audit on Sympa. - --------------------- web_tt2/error.tt2, wwsympa/wwsympa.fcgi.in: Now shared document can't be read or edited unless list is open. This is a security fix ================================ 6.0 1st October 2009 Security: - - [reported by T. Retout] SQL injection threat removed by using place holders instead of direct sprint in a query. - - [Submitted by N. Bertrand, univ. Minnesota] Basic logs in debug don't issue the password unencrypted in the logs for function Auth::ldap_authentication. This way, this password won't be sent unencrypted to a possible syslog server. - - [#4439] [#4440] [reported by O.Berger] security vulnerability which use a file in /tmp. - - [#4430] store temporary files in Sympa's own tmp directory instead of /tmp to prevent symlink attacks
These issues were fixed a very long time ago, there was a security advisory in 2010, here is the French CERT advisory for them: http://www.certa.ssi.gouv.fr/site/CERTA-2010-AVI-505/ It appears that besides this most recent CVE, the only CVEs issued for Sympa have been in 2008, so these were not assigned numbers. micah ps - I would sign this message, but it seems like it would be eaten by EZLM :(
Current thread:
- CVE request: sympa (try again) micah (May 11)
- ezmlm signature mangling [was: Re: CVE request: sympa (try again)] Daniel Kahn Gillmor (May 11)
- Re: ezmlm signature mangling [was: Re: CVE request: sympa (try again)] Solar Designer (May 12)
- Re: CVE request: sympa (try again) Kurt Seifried (May 11)
- Re: CVE request: sympa (try again) micah anderson (May 12)
- Re: CVE request: sympa (try again) Kurt Seifried (May 12)
- Re: CVE request: sympa (try again) micah anderson (May 15)
- Re: CVE request: sympa (try again) Kurt Seifried (May 15)
- Re: CVE request: sympa (try again) micah anderson (May 12)
- ezmlm signature mangling [was: Re: CVE request: sympa (try again)] Daniel Kahn Gillmor (May 11)