Bug 219304 (CVE-2008-1974) - www-apps/horde-kronolith < 2.1.8 addevent.php cross-site scripting attack (CVE-2008-1974)
Status: RESOLVED FIXED
Alias: CVE-2008-1974
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: High minor
Assignee: Gentoo Security
URL: http://secunia.com/advisories/29920/
Whiteboard: B4 [noglsa]
Reported: 2008-04-25 22:42 UTC by Matt Fleming (RETIRED)
Modified: 2008-07-31 08:45 UTC
Description Matt Fleming (RETIRED) gentoo-dev 2008-04-25 22:42:55 UTC
Aria-Security Team has discovered a vulnerability in Kronolith, which can be exploited by malicious people to conduct cross-site scripting attacks.

Input passed to the "url" parameter in addevent.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.
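As an added illustration (not Kronolith code and not part of this bug report), the following generic PHP shows the class of bug the advisory describes, a request parameter written into HTML without escaping, next to a hardened version. The function names, the `safe_return_url` validation rules and the sample inputs are assumptions constructed for this example, not taken from the Kronolith source.

```php
<?php
// Added illustration, not Kronolith code. Function names and sample inputs are
// constructed for this example.

// Unsafe pattern (the class of bug in the advisory): the "url" request
// parameter is written straight into an HTML attribute.
function render_back_link_unsafe(string $url): string
{
    return '<a href="' . $url . '">Back</a>';
}

// Step 1 of the fix: validate the value as a URL we are willing to link to.
// Accepts relative paths and http(s) URLs; rejects other schemes and
// protocol-relative (//host) values, which HTML escaping alone would not stop.
function safe_return_url(string $url, string $fallback = 'index.php'): string
{
    if ($url === '' || preg_match('/[\x00-\x1F\x7F]/', $url) === 1) {
        return $fallback;
    }
    $parts = parse_url($url);
    if ($parts === false) {
        return $fallback;
    }
    $scheme = strtolower($parts['scheme'] ?? '');
    if ($scheme !== '' && !in_array($scheme, ['http', 'https'], true)) {
        return $fallback;
    }
    if ($scheme === '' && isset($parts['host'])) {
        return $fallback;
    }
    return $url;
}

// Step 2 of the fix: escape for the HTML attribute context at the point of output.
function render_back_link(string $url): string
{
    $safe = htmlspecialchars(safe_return_url($url), ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
    return '<a href="' . $safe . '">Back</a>';
}

// Constructed sample values a "url" parameter might carry.
$samples = [
    'kronolith.php?view=month',
    'https://calendar.example.test/month',
    '"><em>injected markup</em>',
    'javascript:void(0)',
    '//other-host.example.test/',
];

foreach ($samples as $sample) {
    echo "input:    $sample\n";
    echo "unsafe:   " . render_back_link_unsafe($sample) . "\n";
    echo "hardened: " . render_back_link($sample) . "\n\n";
}
```

The two steps are deliberately separate: `htmlspecialchars` stops the parameter from breaking out of the attribute, but a value such as `javascript:` survives escaping untouched, so the scheme check in `safe_return_url` is what keeps the link itself harmless.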
Comment 1 Matt Fleming (RETIRED) gentoo-dev 2008-04-25 22:51:32 UTC
Should be grouped with bug #212635 and bug #213493 for glsa.
Comment 2 Matt Fleming (RETIRED) gentoo-dev 2008-04-25 23:24:19 UTC
I'm not sure whether this has been patched upstream yet, so I'm setting the whiteboard appropriately. Based on comments from rbu@ we might not want to group this with the other bugs for a glsa because this bug is xss only.
Comment 3 Matt Fleming (RETIRED) gentoo-dev 2008-04-27 19:08:30 UTC
This issue has been fixed in 2.1.8 of kronolith. A CVE id has been requested. Setting herd and whiteboard.
Comment 4 Robert Buchholz (RETIRED) gentoo-dev 2008-04-27 22:04:13 UTC
cc'ing vapier as primary maintainer. Do you know whether other horde packages carry a kronolith copy?
Comment 5 Matthias Geerdsen (RETIRED) gentoo-dev 2008-04-29 11:32:12 UTC
CVE-2008-1974
Comment 6 SpanKY gentoo-dev 2008-05-04 10:57:46 UTC
the only packages that would bundle any horde sub-packages would be horde-webmail or horde-groupware
Comment 7 Gunnar Wrobel (RETIRED) gentoo-dev 2008-06-24 11:22:29 UTC
horde-kronolith-2.1.8 is in the tree.

Target archs:

  alpha amd64 hppa ppc sparc x86

Comment 8 Christian Faulhammer (RETIRED) gentoo-dev 2008-06-24 21:51:24 UTC
x86 stable
Comment 9 Raúl Porcel (RETIRED) gentoo-dev 2008-06-26 11:09:49 UTC
alpha/sparc stable
Comment 10 Tobias Scherbaum (RETIRED) gentoo-dev 2008-06-26 20:37:59 UTC
ppc stable
Comment 11 Jeroen Roovers (RETIRED) gentoo-dev 2008-06-28 15:27:38 UTC
Stable for HPPA.
Comment 12 Markus Meier gentoo-dev 2008-07-06 19:22:12 UTC
amd64 stable, sorry for the delay.
Comment 13 Robert Buchholz (RETIRED) gentoo-dev 2008-07-30 00:38:53 UTC
GLSA vote: NO
Comment 14 Pierre-Yves Rofes (RETIRED) gentoo-dev 2008-07-31 08:45:36 UTC
NO too, closing.