Message-ID: <CAD1NwhgAcS7wKzFOGmuhz28X8gCvEPMGXjZ-j0VowEtF=BnBUA@mail.gmail.com>
Date: Thu, 14 Mar 2013 07:36:15 +0100
From: Lukas Reschke <lukas@...cloud.org>
To: oss-security@...ts.openwall.com
Cc: "security@...cloud.com" <security@...cloud.com>, "packaging@...cloud.org Packaging" <packaging@...cloud.org>
Subject: ownCloud Security Advisories (2013-008, 2013-009, 2013-010)

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

# Multiple XSS vulnerabilities (oC-SA-2013-008)

Web: https://owncloud.org/about/security/advisories/oC-SA-2013-008/

## CVE IDENTIFIERS

- CVE-2013-1822

## AFFECTED SOFTWARE

- ownCloud Server < 4.5.8

## DESCRIPTION

Multiple cross-site scripting (XSS) vulnerabilities in ownCloud 4.5.8 and all prior versions (except 4.0.x) allow remote attackers to inject arbitrary web script or HTML via

- the "quota" POST parameter to setquota.php in /core/settings/ajax/
  - Commits: 2364c79 (stable45)
  - Risk: Low
  - Note: Successful exploitation of this stored XSS requires administrator privileges.
- the group input field to settings.php (CVE-2013-0307)
  - Commits: 4cff6df (stable45)
  - Risk: Low
  - Note: Successful exploitation of this DOM-based self-XSS requires group admin privileges.
- the share-with input field
  - Commits: 7b0a8f4 (stable45)
  - Risk: Low
  - Note: Successful exploitation of this DOM-based self-XSS requires group admin privileges.

## RESOLUTION

Update to ownCloud Server 5.0.0 or 4.5.8

http://download.owncloud.org/community/owncloud-5.0.0.tar.bz2
http://download.owncloud.org/community/owncloud-4.5.8.tar.bz2

---------------------------------------

# Contacts: Bypass of file blacklist (oC-SA-2013-009)

Web: https://owncloud.org/about/security/advisories/oC-SA-2013-009/

## CVE IDENTIFIERS

- CVE-2013-1850

## RISK

- Critical

## COMMITS

- stable4: fae5bd3
- stable45: e294a16, 1314e6d

## AFFECTED SOFTWARE

- ownCloud Server < 4.5.8
- ownCloud Server < 4.0.13

## DESCRIPTION

Incomplete blacklist vulnerability in apps/contacts/import.php and apps/contacts/ajax/uploadimport.php in ownCloud before 4.0.13 and 4.5.8 allows an authenticated remote attacker to upload a .htaccess file and therefore execute arbitrary PHP code in a standard Apache installation.

Note: Successful exploitation of this vulnerability requires the calendar application to be enabled (enabled by default) and the data directory to be in the webroot.

## RESOLUTION

Update to ownCloud Server 5.0.0, 4.5.8 or 4.0.13

http://download.owncloud.org/community/owncloud-5.0.0.tar.bz2
http://download.owncloud.org/community/owncloud-4.5.8.tar.bz2
http://download.owncloud.org/community/owncloud-4.0.13.tar.bz2

---------------------------------------

# user_migrate: Local file disclosure (oC-SA-2013-010)

Web: https://owncloud.org/about/security/advisories/oC-SA-2013-010/

## CVE IDENTIFIERS

- CVE-2013-1851

## RISK

- High

## COMMITS

- stable4: edf7162
- stable45: 7b6a022

## AFFECTED SOFTWARE

- ownCloud Server < 4.5.8
- ownCloud Server < 4.0.13

## DESCRIPTION

Incomplete blacklist vulnerability in lib/migrate.php in ownCloud before 4.0.13 and 4.5.8 allows an authenticated remote attacker to import arbitrary files on the server inside his user account.

Note: Successful exploitation of this vulnerability requires the user_migrate application to be enabled (disabled by default).

## RESOLUTION

Update to ownCloud Server 5.0.0, 4.5.8 or 4.0.13

http://download.owncloud.org/community/owncloud-5.0.0.tar.bz2
http://download.owncloud.org/community/owncloud-4.5.8.tar.bz2
http://download.owncloud.org/community/owncloud-4.0.13.tar.bz2

--
ownCloud
Your Cloud, Your Data, Your Way!
GPG: 0xEB32B77BA406BE99

-----BEGIN PGP SIGNATURE-----
Version: OpenPGP.js v.1.20121007
Comment: http://openpgpjs.org

wsFcBAEBAgAQBQJRQW+KCRDrMrd7pAa+mQAAD7AP/1n5KCcQv2HFf4iETNfF
ZFUEPQVppStRCQMwDjzhx3n5LwXciYy6Nk+U12tn4IavacsVYREAsvRUqVRc
LEPvaap66F7QWjKm+kIeoLbcjcRss0ShCBpGt7lMpI4ZLMu15mlHTZ+1cKcU
2wRnehR58qxo535B0qmCoBTktOK0eOc3A3XQPWj6Iflvmxj1ZHfDzDTGhORZ
+N5rJIS4lpoS/sFeBiH1N5ZxhZKuGGymjmzFzLkuKOOC6zPu/ZVtHthpsk64
JLFV9c8avNdHwuLdDbtfzPRO8NrginR7IeqNkn2cLtX7sId7ikc+t4F3ubPw
AwF+48rDsVwfda6yCMCHpCw7i0bGtDz/lLsT4vfhUBWJ4ew0ZD1fX2mHunc9
dnKsNqw+f1hoUYAsWq37bAMIj9fM+GKqBaN+OBUDx+lt2PMhrsZHbDohRmXZ
GTSGfwgMXcyOw72/M7icrtW2hEylIL1PHt/ZJqn3YRh8WMlTYTnhKH0lpzEd
curBLzICFs7/qN0fyk1BFYj7NPkKksEpnFAEZx7w5xH+gA5ZanoTXM2J5103
2dm9uvo0lqxt6XoctujH+SN+Cx2tUocO8ahA+kwOiL9QSRphumJ4Va4wZSpX
2R5k9t5yUmB9jI904KYbbRz6P9M+teLFzb5bpRyt2RW09EFDbmQ0I8FkYdY6
90CQ
=9rrE
-----END PGP SIGNATURE-----
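Both oC-SA-2013-009 and oC-SA-2013-010 above are "incomplete blacklist" bugs: a list of forbidden names lets through inputs the author did not think of (a dotfile such as `.htaccess` for the contacts import, a path outside the user's own directory for user_migrate). The following Python is an added illustration of that failure mode and the usual defensive replacement; it is not ownCloud's PHP code or its actual fix. The blacklist, the allowlist of vCard extensions, and the data-directory path `/srv/owncloud/data/alice` are all constructed for the example.

```python
import os
import re

# Constructed blacklist in the style that produces "incomplete blacklist" bugs:
# it enumerates server-side script extensions but says nothing about dotfiles,
# so a name such as ".htaccess" passes because its "extension" is "htaccess".
BLACKLISTED_EXTENSIONS = {"php", "php3", "php4", "php5", "phtml"}


def blacklist_allows(filename: str) -> bool:
    """Blacklist check: True if the upload name would be accepted (the weak form)."""
    ext = filename.rsplit(".", 1)[-1].lower() if "." in filename else ""
    return ext not in BLACKLISTED_EXTENSIONS


# Allowlist: accept only what the feature needs. A contacts import takes vCard
# files, so only those extensions are acceptable; the name must start with an
# alphanumeric character (no dotfiles), contain no path separators, and have
# exactly one extension (no "contacts.php.vcf"-style double extensions).
ALLOWED_EXTENSIONS = {"vcf", "vcard"}
SAFE_NAME = re.compile(r"^[A-Za-z0-9][A-Za-z0-9 _\-]*\.[A-Za-z0-9]+$")


def allowlist_allows(filename: str) -> bool:
    """Allowlist check: True only for a plain, single-extension vCard file name."""
    base = os.path.basename(filename)
    if base != filename:          # contained "/" or "\" path components
        return False
    if not SAFE_NAME.match(base):  # rejects ".htaccess", "", odd characters
        return False
    ext = base.rsplit(".", 1)[1].lower()
    return ext in ALLOWED_EXTENSIONS


def is_within_user_dir(user_root: str, requested: str) -> bool:
    """Containment check for import paths: the resolved target must stay under
    the user's own data directory. Covers "../" traversal and absolute paths;
    realpath also collapses symlinks on a real filesystem."""
    root = os.path.realpath(user_root)
    target = os.path.realpath(os.path.join(root, requested))
    return target == root or target.startswith(root + os.sep)


if __name__ == "__main__":
    # Constructed sample names a contacts-import endpoint might receive.
    for name in ["contacts.vcf", "shell.php", ".htaccess", "../contacts.vcf"]:
        print(f"{name:18} blacklist={blacklist_allows(name)!s:5} "
              f"allowlist={allowlist_allows(name)}")
    user_root = "/srv/owncloud/data/alice"  # constructed data-directory path
    for path in ["files/contacts.vcf", "../bob/files/export.zip", "/etc/passwd"]:
        print(f"{path:26} within_user_dir={is_within_user_dir(user_root, path)}")
```

The point of the comparison is that `blacklist_allows` has to predict every name the web server treats specially, while `allowlist_allows` only has to describe the one input the feature legitimately handles; the same reasoning applies to the path check, which compares the fully resolved target against the user's root instead of scanning the string for forbidden substrings.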