Fwd: [Full-disclosure] [ MDVSA-2011:003 ] MHonArc

From: Matteo Beccati
Subject: Fwd: [Full-disclosure] [ MDVSA-2011:003 ] MHonArc
Date:
Msg-id: 4D2B4A38.8010607@beccati.com
List: pgsql-www
Hi everyone,

FYI, I've seen this passing on full-disclosure and it seems that our
archives are using an affected version of MHonArc.


-------- Original message --------
Subject: [Full-disclosure] [ MDVSA-2011:003 ] MHonArc
Date: Mon, 10 Jan 2011 16:44:01 +0100
From: security@mandriva.com
Reply-To: xsecurity@mandriva.com
To: full-disclosure@lists.grok.org.uk
_______________________________________________________________________

Mandriva Linux Security Advisory                         MDVSA-2011:003
http://www.mandriva.com/security/
_______________________________________________________________________

Package : MHonArc
Date    : January 10, 2011
Affected: 2009.0, 2010.0, 2010.1, Corporate 4.0, Enterprise Server 5.0
_______________________________________________________________________

Problem Description:

Multiple vulnerabilities have been found and corrected in MHonArc:

MHonArc 2.6.16 allows remote attackers to cause a denial of service
(CPU consumption) via start tags that are placed within other start
tags, as demonstrated by a <bo<bo<bo<bo<body>dy>dy>dy>dy> sequence,
a different vulnerability than CVE-2010-4524 (CVE-2010-1677).

Cross-site scripting (XSS) vulnerability in lib/mhtxthtml.pl in
MHonArc 2.6.16 allows remote attackers to inject arbitrary web script
or HTML via a malformed start tag and end tag for a SCRIPT element,
as demonstrated by <scr<body>ipt> and </scr<body>ipt> sequences
(CVE-2010-4524).

Packages for 2009.0 are provided as of the Extended Maintenance
Program. Please visit this link to learn more:
http://store.mandriva.com/product_info.php?cPath=149&products_id=490

The updated packages have been upgraded to the latest version (2.6.18)
which is not vulnerable to these issues.
_______________________________________________________________________

References:

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-1677
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4524
_______________________________________________________________________

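Both issues in the advisory come from one defect class: stripping a banned tag in a single pass can splice the fragments around it into a new tag (the XSS), and re-running that pass until nothing changes costs one full pass per nesting level (the CPU consumption). The Python below is an added illustration of that class next to a linear-time fix; it is not MHonArc's own code, and the BANNED set and TAG_RE pattern are constructed assumptions.

```python
import re

# Tags the filter refuses to pass through (constructed list, not MHonArc's;
# it stands in for any "strip dangerous tags" policy).
BANNED = {"script", "body", "html", "head", "iframe"}
# A well-formed start or end tag: no '<' or '>' inside it.
TAG_RE = re.compile(r"</?([A-Za-z][A-Za-z0-9]*)[^<>]*>")

def naive_strip(html):
    """One regex pass deleting banned tags wherever they appear. Deleting a
    tag nested inside another tag's name splices the surrounding fragments
    together: '<scr<body>ipt>' becomes '<script>' (the XSS)."""
    return TAG_RE.sub(
        lambda m: "" if m.group(1).lower() in BANNED else m.group(0), html)

def passes_to_fixpoint(html, limit=10_000):
    """Re-running naive_strip until nothing changes closes the splice but
    costs one full pass per nesting level (the CPU-consumption issue)."""
    passes = 0
    while passes < limit:
        stripped = naive_strip(html)
        if stripped == html:
            return passes
        html, passes = stripped, passes + 1
    return passes

def safe_filter(html):
    """Single left-to-right scan: a '<' or '>' that is not part of a
    well-formed tag is escaped on the spot, so fragments can never
    recombine into a tag and the cost stays linear in the input size."""
    out, i, n = [], 0, len(html)
    while i < n:
        ch = html[i]
        if ch == ">":
            out.append("&gt;")
            i += 1
        elif ch != "<":
            out.append(ch)
            i += 1
        else:
            m = TAG_RE.match(html, i)
            if m is None:           # stray '<', e.g. '<bo' in '<bo<body>dy>'
                out.append("&lt;")
                i += 1
            else:
                if m.group(1).lower() not in BANNED:
                    out.append(m.group(0))
                i = m.end()
    return "".join(out)
```

On the advisory's nested sequence the fixpoint loop needs one pass per nesting level plus one, while safe_filter handles it in a single scan.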
