Next message: Robert van der Meulen: "Re: proftpd format bug"
Patch for the following advisory:
http://www.isecurelabs.com/article.php?sid=230
> Hi nuke webmasters,
>
> Phpnuke cross site scripting vulnerability
> Affected version : 5.3.1 and prior perhaps other...perhaps all
> PostNuke affected too.
>
> No more explanation, it is enough with cross site scripting...i'm bored with
> CSS vuln ;)
> http://www.phpnuke.org/user.php?op=userinfo&uname=>alert(document.coo
> kie);</script>
Avaliable here:
http://www.twlc.net/download.php?op=getit&lid=122
postnuke users (tested on rogue 0.70): rename postnuke.php into user.php and upload it replacing the old one in modules/NS-User
directory
phpnuke users (5.31): rename phpnuke531.php into user.php and upload it replacing the old one
phpnuke users (5.2): rename phpnuke52.php into user.php and upload it replacing the old one
notice that all the patches are tested and work.
--
the postnuke patch consist in adding this string after global variables in modules/NS-User/user.php in function user_user_userinfo.
if you have a versions of postnuke prior to 0.7 you may try this trick.
$var['uname'] = strip_tags($var['uname']);
kain
--
if the version of php nuke you are running isn't listed write the patch on your own! it's simple, just find the function userinfo
(in user.php located in the root dir) and add after the global variables:
$uname = strip_tags($uname);
supergate
--
peace.
supergate, shockzor, kain
http://www.twlc.net
http://www.kuht.it
This archive was generated by hypermail 2b30
: Sun Dec 09 2001 - 10:24:58 PST