Hi,
attached is a patch for an NMU which fixes this bug.
The patch referenced in my first mail seems to be wrong;
there were {} missing around the header and die.
This patch is also available from:
http://people.debian.org/~nion/nmu-diff/acidbase-1.3.8-1_1.3.8-1.1.patch

Kind regards
Nico

-- 
Nico Golde - http://www.ngolde.de - [EMAIL PROTECTED] - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
diff -u acidbase-1.3.8/debian/changelog acidbase-1.3.8/debian/changelog
--- acidbase-1.3.8/debian/changelog
+++ acidbase-1.3.8/debian/changelog
@@ -1,3 +1,10 @@
+acidbase (1.3.8-1.1) unstable; urgency=high
+
+  * Non-maintainer upload by testing-security team.
+  * Fixed XSS bug in index.php (CVE-2007-6156; Closes: #453838)
+
+ -- Nico Golde <[EMAIL PROTECTED]>  Sun, 02 Dec 2007 15:01:55 +0100
+
 acidbase (1.3.8-1) unstable; urgency=low
 
   * New upstream release.
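Review bot: The changelog entry names the CVE and the bug number but does not say what the fix does; a short clause such as "exit after the redirect to setup/index.php when base_conf.php is missing" would let later readers understand the change without opening the dpatch.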
diff -u acidbase-1.3.8/debian/patches/00list acidbase-1.3.8/debian/patches/00list
--- acidbase-1.3.8/debian/patches/00list
+++ acidbase-1.3.8/debian/patches/00list
@@ -7,0 +8 @@
+CVE-2007-6156.dpatch
only in patch2:
unchanged:
--- acidbase-1.3.8.orig/debian/patches/CVE-2007-6156.dpatch
+++ acidbase-1.3.8/debian/patches/CVE-2007-6156.dpatch
@@ -0,0 +1,23 @@
+#! /bin/sh /usr/share/dpatch/dpatch-run
+## CVE-2007-6156.dpatch by Nico Golde <[EMAIL PROTECTED]>
+##
+## All lines beginning with `## DP:' are a description of the patch.
+## DP: No description.
+
[EMAIL PROTECTED]@
+diff -urNad acidbase-1.3.8~/index.php acidbase-1.3.8/index.php
+--- acidbase-1.3.8~/index.php	2007-07-08 17:11:40.000000000 +0200
++++ acidbase-1.3.8/index.php	2007-12-02 15:01:47.000000000 +0100
+@@ -23,8 +23,10 @@
+  *  Check to see if the base_conf.php file exists and is big enough...
+  *  if not redirect to the setup/index.php page
+ */
+-if (!file_exists('base_conf.php') || filesize('base_conf.php') < 10)
+-    base_header( 'Location: setup/index.php' );
++if (!file_exists('base_conf.php') || filesize('base_conf.php') < 10){
++   header( 'Location: setup/index.php' );
++   die();
++}
+ 
+ require("base_conf.php");
+ include("$BASE_path/includes/base_include.inc.php");
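Review bot: The `## DP: No description.` line in the dpatch header should describe the fix: the original code sent the `Location: setup/index.php` header but kept executing the rest of index.php, and the new block adds `die();` after the header so the script stops at the redirect. The description should also say why `base_header()` is replaced by the plain PHP `header()`: at this point in the file neither base_conf.php nor base_include.inc.php has been loaded yet (the `require` and `include` follow the block), so if `base_header()` is defined in that included code the original call would not have been available here; if that is the reason it is worth stating, and if `base_header()` does anything beyond emitting a raw header the maintainer should confirm nothing is lost. Minor style point: the new lines are indented with three spaces where the removed line used four.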
