From jericho at attrition.org Mon Sep 2 12:40:13 2013
From: jericho at attrition.org (security curmudgeon)
Date: Mon, 2 Sep 2013 12:40:13 -0500 (CDT)
Subject: [VIM] BID 62104 date
Message-ID:

http://www.securityfocus.com/bid/62104

Published: Sep 30 2013 12:00AM

This should be Aug 30, per CERT VU#960908 which I assume is the provenance.


From Dinesh_Theerthagiri at symantec.com Mon Sep 2 14:07:29 2013
From: Dinesh_Theerthagiri at symantec.com (Dinesh Theerthagiri)
Date: Mon, 2 Sep 2013 12:07:29 -0700
Subject: [VIM] BID 62104 date
In-Reply-To:
References:
Message-ID: <86E9E90EE35E9041B100B9ED1D5C8B5745276738BC@APJ1XCHEVSPIN30.SYMC.SYMANTEC.COM>

Hey,

Thanks for correcting us. We changed the published date of BID 62104 to August 30.

Thanks,
T.Dinesh

-----Original Message-----
From: vim-bounces at attrition.org [mailto:vim-bounces at attrition.org] On Behalf Of security curmudgeon
Sent: 02 September 2013 23:10
To: vim at attrition.org
Subject: [VIM] BID 62104 date
Importance: High

http://www.securityfocus.com/bid/62104

Published: Sep 30 2013 12:00AM

This should be Aug 30, per CERT VU#960908 which I assume is the provenance.


From kseifried at redhat.com Mon Sep 16 22:19:07 2013
From: kseifried at redhat.com (Kurt Seifried)
Date: Mon, 16 Sep 2013 21:19:07 -0600
Subject: [VIM] WordPress Better WP Security Plugin HTML Injection Vulnerability
In-Reply-To: <20130804015623.GB18750@kludge.henri.nerv.fi>
References: <20130804015623.GB18750@kludge.henri.nerv.fi>
Message-ID: <5237CA2B.3060208@redhat.com>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 08/03/2013 07:56 PM, Henri Salo wrote:
> On Fri, Aug 02, 2013 at 08:35:41PM +0000, George Theall wrote:
>> Narayan / Venkat / Rob : what difference is there between BIDs
>> 61562 and 61518? Both credit Richard Warren and involve an XSS
>> vulnerability addressed in Better WP Security 3.5.4. The plugin's
>> change log
>> (http://www.wordpress.org/plugins/better-wp-security/changelog/)
>> only lists one XSS issue:
>>
>> * Fixed an XSS vulnerability in the logevent function. Fix by
>> Richard Warren
>>
>> George
>> --
>> theall at tenable.com
>
> I can do diffing for commits if needed. Does this already have a CVE
> identifier? There are at least these issues:
>
> http://osvdb.org/84737
> http://osvdb.org/84738
> http://osvdb.org/95884
>
> ---
> Henri Salo
>

If you can please post the diffs (assuming they're not insanely long)
that'd be great and I'll assign CVEs, thanks.

- --
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.14 (GNU/Linux)

iQIcBAEBAgAGBQJSN8orAAoJEBYNRVNeJnmTdK4QAJwnrv6h0wiKqxf3au4Kf7A+
vxSVdVIDatWjME+QQk8RIqeu1vM5WgrPcdpkZ86lRPtM3JBvDguk3Em7dyVTqPYS
TQYDPM8Bv3FuZAsLzX6/tgpy4SH/NSP9HUyhlZrgFrBacXk9wrf1X/x0agfeOvY/
ydIqrx9C3OQjjL8N0HwlYQLhd7Ropk7aX6J0K2wEEnZdLPu/AQ6JjT8HsDacook+
7c/6YCdhXNs9zkrmszkboL/s3Ixyomt7RXCoP6dORob18VWa0w9AL/pBk30yEZmY
mABOcysp8JrOCVG513304YH4QcqVR+LvTFQSKyunIJNZ37C/flgWP/Uukcnedn3j
BrQSMCrd+YTSZWX6SHUlb18haBp1CLMY2tzsfFh+o5wUMC9EuNRTTP4TcYTQl0lm
WbUf814H8REDx+8S0mY6cMab42ToSP1F5BL5/nRlpK7zYyLvp2I8fjfBHo3ReFPY
NhyUB8JnHw7Fs20lsYpmVtYUlgXruqFIAsGw7YSc3VBraE9s8kVmi7DzyxUYNvuV
Ee6xZ2Z9pQWe9mGqbL9PrUAZmKpuuFei6B8X3GX1uuCApM8UqsTggYIv+whjxwxN
SA9BycRCect3JE+STs4D7bddFYwb/7C6Zq3Ko5+DgefoayO/zhhxzxBFH+Y2FKQf
DEOmeLwdzyqrG6W8pt+5
=lzzp
-----END PGP SIGNATURE-----


From jericho at attrition.org Mon Sep 23 16:19:27 2013
From: jericho at attrition.org (security curmudgeon)
Date: Mon, 23 Sep 2013 16:19:27 -0500 (CDT)
Subject: [VIM] RubyGems dupe CVE assignment? (for BID / CVE)
Message-ID:

http://www.securityfocus.com/bid/62442
CVE-2013-4363

http://osvdb.org/97163
CVE-2013-4287

These have different creditees. The BID entry is too vague to figure out if this is a dupe assignment or not.

http://www.securityfocus.com/bid/62442/solution
Solution: Updates are available. Please see the references or vendor advisory for more information.

http://www.securityfocus.com/bid/62442/references
References: (blank)

It would be really nice if BID could treat the public database differently than their private one to avoid this, as it is very common and entirely frustrating.


From gtheall at tenable.com Tue Sep 24 09:00:04 2013
From: gtheall at tenable.com (George Theall)
Date: Tue, 24 Sep 2013 14:00:04 +0000
Subject: [VIM] AjaXplorer 'checkInstall.php' Remote Command Execution Vulnerability
Message-ID:

Dinesh / Narayan / Venkat / Rob : Is there any additional information that you can provide about BID 62603, which was created yesterday? I notice it coincides with an alert that Cisco published -- http://tools.cisco.com/security/center/viewAlert.x?alertId=30942. That explicitly references BugTraq ID 39334, though. So is this new BID a dup or does it truly cover a new vulnerability?

George
--
theall at tenable.com


From amanion at cert.org Wed Sep 25 13:33:04 2013
From: amanion at cert.org (Art Manion)
Date: Wed, 25 Sep 2013 14:33:04 -0400
Subject: [VIM] CVE-2013-5576 == Joomla! media.php upload vulnerability? VU#639620
Message-ID: <52432C60.7030201@cert.org>

OSVDB associates CVE-2013-5576 with this Joomla! file upload vulnerability:

(Thanks for the descriptive advisory.)

The CVE-2013-5576 description is still marked as RESERVED. As Joomla! and other CMS are fairly popular targets, there is desire for an NVD (and CVE) entry. Can anybody clarify?

The bug was that uploaded file names ending in '.' bypassed various checks for allowed extensions/types. Upload and run arbitrary php.

More references:

- Art
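Art's message above describes the failure mode in one sentence: an extension check that looks only at the text after the last dot sees an empty extension for a name like `shell.php.` and lets it through, while the web server still keys its handler off the earlier `.php` segment. The following is an added, editorial example (not Joomla's code, not from VU#639620 or any of the posters) that puts the weak check beside a hardened one. It goes slightly beyond the page by also rejecting denied extensions in any dot-separated segment (e.g. `x.php.jpg`), which is the general form of the same defect. The extension lists and the sample names are constructed for the example.

```python
import os
from typing import Iterable

# Constructed sample lists for this example; they are not any CMS's real
# configuration. A real deployment would take these from its settings.
DENIED_EXTENSIONS = {"php", "phtml", "php3", "phar"}
ALLOWED_EXTENSIONS = {"jpg", "jpeg", "png", "gif", "pdf"}


def naive_last_extension(filename: str) -> str:
    """The weak approach: whatever follows the last dot, nothing more.
    'shell.php.' yields '' because the name ends in a dot."""
    return filename.rsplit(".", 1)[-1].lower() if "." in filename else ""


def naive_is_blocked(filename: str,
                     denied: Iterable[str] = DENIED_EXTENSIONS) -> bool:
    """Denylist applied to the last extension only. An empty extension is
    never in the denylist, so a trailing '.' is not blocked. This is the
    defective pattern, kept here only for comparison."""
    return naive_last_extension(filename) in set(denied)


def normalize_upload_name(filename: str) -> str:
    """Drop any directory part, then strip trailing dots and whitespace,
    which some filesystems and servers ignore but string checks do not.
    Whatever is stored on disk must be this normalized name."""
    base = os.path.basename(filename.replace("\\", "/"))
    return base.rstrip(". \t")


def is_allowed_upload(filename: str,
                      allowed: Iterable[str] = ALLOWED_EXTENSIONS,
                      denied: Iterable[str] = DENIED_EXTENSIONS) -> bool:
    """Hardened check: normalize first, require a non-empty final extension
    from the allowlist, and refuse any earlier dot-separated segment that is
    a denied extension. Covers 'x.php.' and 'x.php.jpg' alike."""
    name = normalize_upload_name(filename)
    if not name or "." not in name:
        return False
    segments = name.lower().split(".")
    final_ext = segments[-1]
    if final_ext not in set(allowed):
        return False
    if any(seg in set(denied) for seg in segments[:-1]):
        return False
    return True


if __name__ == "__main__":
    # Constructed sample names showing where the two checks disagree.
    for sample in ("photo.jpg", "shell.php", "shell.php.", "shell.php.jpg",
                   ".htaccess", "noextension"):
        print(f"{sample:16} naive_blocked={naive_is_blocked(sample)!s:5} "
              f"hardened_allowed={is_allowed_upload(sample)}")
```

The two decisions worth carrying into a review of any upload handler: the stored filename must be the normalized one (otherwise the check and the filesystem disagree about what the extension is), and a denylist on the last segment is never sufficient on its own because the server's handler selection may not use the last segment.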