Debian DSA-1596-1 : typo3 - several vulnerabilities

medium Nessus Plugin ID 33177

Synopsis

The remote Debian host is missing a security-related update.

Description

Several remote vulnerabilities have been discovered in the TYPO3 content management framework.

Because of a not sufficiently secure default value of the TYPO3 configuration variable fileDenyPattern, authenticated backend users could upload files that allowed to execute arbitrary code as the webserver user.

User input processed by fe_adminlib.inc is not being properly filtered to prevent Cross Site Scripting (XSS) attacks, which is exposed when specific plugins are in use.

Solution

Upgrade the typo3 package.

For the stable distribution (etch), these problems have been fixed in version 4.0.2+debian-5.

See Also

https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=485814

https://www.debian.org/security/2008/dsa-1596

Plugin Details

Severity: Medium

ID: 33177

File Name: debian_DSA-1596.nasl

Version: 1.16

Type: local

Agent: unix

Published: 6/16/2008

Updated: 1/4/2021

Supported Sensors: Agentless Assessment, Continuous Assessment, Frictionless Assessment Agent, Nessus Agent, Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 5.9

CVSS v2

Risk Factor: Medium

Base Score: 6.5

Temporal Score: 4.8

Vector: CVSS2#AV:N/AC:L/Au:S/C:P/I:P/A:P

Vulnerability Information

CPE: p-cpe:/a:debian:debian_linux:typo3, cpe:/o:debian:debian_linux:4.0

Required KB Items: Host/local_checks_enabled, Host/Debian/release, Host/Debian/dpkg-l

Exploit Ease: No known exploits are available

Patch Publication Date: 6/12/2008

Reference Information

CVE: CVE-2008-2717, CVE-2008-2718

BID: 29657

CWE: 264, 79

DSA: 1596