[VIM] Security Vulnerabilities reported in UNP (fwd)

Steven M. Christey coley at linus.mitre.org
Wed Dec 14 00:59:25 EST 2005


Still haven't heard back from whoever it was I sent another inquiry to a
few days ago.

---------- Forwarded message ----------
Date: Wed, 14 Dec 2005 00:57:34 -0500 (EST)
From: Steven M. Christey <coley at mitre.org>
To: utopiasupport at gmail.com
Cc: coley at mitre.org
Subject: Security Vulnerabilities reported in UNP


Hello,

I am a computer security professional and the editor for the Common
Vulnerabilities and Exposures (CVE) project.  CVE is a list of
software vulnerabilities, and it is widely used in the computer
security industry.  It is sponsored by the US Department of Homeland
Security.

Recently, some vulnerabilities in your product were reported to public
sources.  References and a description are included below.

Are these vulnerability reports accurate?  If so, then are the
problems fixed, and in which versions?

For your convenience, I will share your response with other
vulnerability information sources unless you request otherwise.


Thank you,
Steve Christey
Principal Information Security Engineer
CVE Editor
The MITRE Corporation




======================================================
Name: CVE-2005-3200
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3200
Reference: BUGTRAQ:20051007 Utopia News Pro 1.1.3 SQL Injection / cross site scripting
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=112872691119874&w=2
Reference: BID:15027
Reference: URL:http://www.securityfocus.com/bid/15027
Reference: SECUNIA:17115
Reference: URL:http://secunia.com/advisories/17115/
Reference: XF:utopianewspro-header-footer-xss(22554)
Reference: URL:http://xforce.iss.net/xforce/xfdb/22554

Multiple cross-site scripting (XSS) vulnerabilities in Utopia News Pro
1.1.3 and 1.1.4 allow remote attackers to inject arbitrary web script
or HTML via (1) the sitetitle parameter in header.php and (2) the
version and (3) query_count parameters in footer.php.


======================================================
Name: CVE-2005-3201
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-3201
Reference: BUGTRAQ:20051007 Utopia News Pro 1.1.3 SQL Injection / cross site scripting
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=112872691119874&w=2
Reference: BID:15028
Reference: URL:http://www.securityfocus.com/bid/15028
Reference: SECUNIA:17115
Reference: URL:http://secunia.com/advisories/17115/
Reference: XF:utopianewspro-news-sql-injection(22555)
Reference: URL:http://xforce.iss.net/xforce/xfdb/22555

SQL injection vulnerability in news.php for Utopia News Pro (UNP)
1.1.3, when magic_quotes_gpc is disabled and register_globals is
enabled, allows remote attackers to execute arbitrary SQL via the
newsid parameter.


======================================================
Name: CVE-2005-4223
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2005-4223
Reference: BUGTRAQ:20051211 [PHP-CHECKER] 99 potential SQL injection vulnerabilities
Reference: URL:http://www.securityfocus.com/archive/1/archive/1/419280/100/0/threaded
Reference: MISC:http://glide.stanford.edu/yichen/research/sec.pdf
Reference: FRSIRT:ADV-2005-2859
Reference: URL:http://www.frsirt.com/english/advisories/2005/2859
Reference: SECUNIA:17988
Reference: URL:http://secunia.com/advisories/17988/

Multiple "potential" SQL injection vulnerabilities in Utopia News Pro
(UNP) 1.1.4 might allow remote attackers to execute arbitrary SQL
commands via (1) the newsid parameter in editnews.php, (2) the catid
and question parameters in faq.php, (3) the poster parameter in
postnews.php, (4) the tempid parameter in templates.php, and (5) the
userid and groupid parameters in users.php.
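The three candidates above describe two defect classes in a PHP application: values from the request echoed into HTML without encoding (CVE-2005-3200) and a request parameter interpolated into SQL text, with exploitability depending on the magic_quotes_gpc and register_globals settings (CVE-2005-3201, CVE-2005-4223). The PHP below is an added illustration written for this archive page, not code from Utopia News Pro or from the CVE references; the function names, the news table and its columns, and the sample inputs are all assumptions constructed for the example. It shows the weak pattern beside the form a maintainer would ship: explicit parameter reading, integer validation and bound parameters for the query, and context-aware escaping at the point of output. Note that magic_quotes_gpc only ever applied addslashes() to input, which does nothing for an unquoted numeric placeholder like newsid, and the setting was removed in PHP 5.4, so a fix that relies on it is not a fix.

```php
<?php
// Added illustration (not Utopia News Pro's code) of the two defect classes
// named in CVE-2005-3200 / CVE-2005-3201 / CVE-2005-4223 and their fixes.
// Function names, the `news` table and all sample values are assumptions.

// --- CVE-2005-3201 pattern: newsid reaching a query unvalidated ------------

// Weak pattern: under register_globals=On, $newsid is populated straight from
// the request, and with magic_quotes_gpc=Off nothing is escaped, so whatever
// the client sent becomes part of the SQL text. Even with magic_quotes on,
// addslashes() does not help here because the value is not inside quotes.
function build_news_query_weak($newsid)
{
    return "SELECT title, body FROM news WHERE newsid = $newsid";
}

// Hardened form: read the parameter from an explicit source, accept only a
// positive integer, and bind it rather than interpolate it. Correctness no
// longer depends on php.ini settings.
function fetch_news_safe(PDO $db, array $request)
{
    $newsid = filter_var($request['newsid'] ?? null, FILTER_VALIDATE_INT,
                         ['options' => ['min_range' => 1]]);
    if ($newsid === false) {
        return null; // treat as "no such item"; no query is ever built
    }
    $stmt = $db->prepare('SELECT title, body FROM news WHERE newsid = :id');
    $stmt->bindValue(':id', $newsid, PDO::PARAM_INT);
    $stmt->execute();
    $row = $stmt->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// --- CVE-2005-3200 pattern: template values echoed into HTML unescaped -----

// Weak pattern: sitetitle (header.php) or version / query_count (footer.php)
// are written into the page as-is, so any markup they carry is rendered.
function render_header_weak($sitetitle)
{
    return "<title>$sitetitle</title>";
}

// Hardened form: escape for the HTML context at the point of output.
// ENT_QUOTES also covers attribute values; the charset avoids multibyte quirks.
function h($value)
{
    return htmlspecialchars((string) $value, ENT_QUOTES | ENT_SUBSTITUTE, 'UTF-8');
}

function render_header_safe($sitetitle)
{
    return '<title>' . h($sitetitle) . '</title>';
}

function render_footer_safe($version, $query_count)
{
    // query_count is numeric by contract; enforce that instead of trusting it.
    $count = filter_var($query_count, FILTER_VALIDATE_INT);
    return '<div class="footer">UNP ' . h($version) . ' / '
         . ($count === false ? '?' : $count) . ' queries</div>';
}

// --- Demonstration on constructed input (run with the PHP CLI) -------------

$db = new PDO('sqlite::memory:');   // in-memory SQLite via pdo_sqlite
$db->exec('CREATE TABLE news (newsid INTEGER PRIMARY KEY, title TEXT, body TEXT)');
$db->exec("INSERT INTO news VALUES (1, 'Hello', 'first post')");

// Same non-numeric value handled both ways: the weak builder emits it into
// the SQL text, the safe fetch rejects it before any statement exists.
$bad = 'not-a-number';                                     // constructed input
echo build_news_query_weak($bad), "\n";
var_dump(fetch_news_safe($db, ['newsid' => $bad]));        // null
var_dump(fetch_news_safe($db, ['newsid' => '1']));         // the stored row

$sitetitle = 'News <b>"site"</b>';                         // constructed input
echo render_header_weak($sitetitle), "\n";                 // markup survives
echo render_header_safe($sitetitle), "\n";                 // markup encoded
echo render_footer_safe('1.1.4', 'twelve'), "\n";          // count shown as ?
```

The example runs with any PHP 7+ CLI that has pdo_sqlite enabled; it generalises slightly beyond the three CVE texts by covering both the numeric-id case (newsid, catid, userid, groupid, tempid) and the free-text case (question, poster, sitetitle, version) with the same two rules: validate and bind on the way into SQL, encode on the way out to HTML.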



