Your message dated Thu, 28 Jul 2005 22:02:08 -0700 with message-id <[EMAIL PROTECTED]> and subject line Bug#317739: fixed in phpbb2 2.0.13+1-6sarge1 has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am talking about this indicates a serious mail system misconfiguration somewhere. Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 11 Jul 2005 07:35:31 +0000
From: Alexander Gerasiov <[EMAIL PROTECTED]>
To: Debian Bug Tracking System <[EMAIL PROTECTED]>
Subject: XSS in phpbb2 (MS IE only?)
Date: Mon, 11 Jul 2005 11:35:28 +0400
Message-Id: <[EMAIL PROTECTED]>

Package: phpbb2
Version: 2.0.13-6
Severity: serious

XSS was reported in bugtraq 05 july. Just tested it on my phpbb2 installation and found the following code shows cookies on MS IE.
[color=#EFEFEF][url]www.ut[url=www.s=''style='font-size:0;color:#EFEFEF'style='top:expression(eval(this.sss));'sss=`alert(document.cookie);this.sss=null`style='font-size:0;][/url][/url]'[/color]

-- System Information:
Debian Release: 3.1
  APT prefers testing
  APT policy: (620, 'testing'), (600, 'unstable'), (550, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.6.11-1-686
Locale: LANG=ru_RU.KOI8-R, LC_CTYPE=ru_RU.KOI8-R (charmap=KOI8-R)

Versions of packages phpbb2 depends on:
ii  apache [httpd]        1.3.33-6     versatile, high-performance HTTP s
ii  debconf               1.4.30.13    Debian configuration management sy
ii  libapache-mod-php4    4:4.3.10-15  server-side, HTML-embedded scripti
ii  php4                  4:4.3.10-15  server-side, HTML-embedded scripti
ii  php4-mysql            4:4.3.10-15  MySQL module for php4

-- debconf information:
* phpbb2/httpd: apache

---------------------------------------
Received: (at 317739-close) by bugs.debian.org; 29 Jul 2005 05:08:31 +0000
From: Thijs Kinkhorst <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: Bug#317739: fixed in phpbb2 2.0.13+1-6sarge1
Date: Thu, 28 Jul 2005 22:02:08 -0700
Message-Id: <[EMAIL PROTECTED]>

Source: phpbb2
Source-Version: 2.0.13+1-6sarge1

We believe that the bug you reported is fixed in the latest version of phpbb2, which is due to be installed in the Debian FTP archive:

phpbb2-conf-mysql_2.0.13-6sarge1_all.deb
  to pool/main/p/phpbb2/phpbb2-conf-mysql_2.0.13-6sarge1_all.deb
phpbb2-languages_2.0.13-6sarge1_all.deb
  to pool/main/p/phpbb2/phpbb2-languages_2.0.13-6sarge1_all.deb
phpbb2_2.0.13+1-6sarge1.diff.gz
  to pool/main/p/phpbb2/phpbb2_2.0.13+1-6sarge1.diff.gz
phpbb2_2.0.13+1-6sarge1.dsc
  to pool/main/p/phpbb2/phpbb2_2.0.13+1-6sarge1.dsc
phpbb2_2.0.13-6sarge1_all.deb
  to pool/main/p/phpbb2/phpbb2_2.0.13-6sarge1_all.deb

A summary of the changes between this version and the previous one is attached.

Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [EMAIL PROTECTED], and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Thijs Kinkhorst <[EMAIL PROTECTED]> (supplier of updated phpbb2 package)

(This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [EMAIL PROTECTED])

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Tue, 26 Jul 2005 18:22:00 +0200
Source: phpbb2
Binary: phpbb2-languages phpbb2-conf-mysql phpbb2
Architecture: source all
Version: 2.0.13+1-6sarge1
Distribution: stable-security
Urgency: high
Maintainer: Jeroen van Wolffelaar <[EMAIL PROTECTED]>
Changed-By: Thijs Kinkhorst <[EMAIL PROTECTED]>
Description:
 phpbb2     - A fully featured and skinneable flat (non-threaded) webforum
 phpbb2-conf-mysql - Automatic configurator for phpbb2 on MySQL database
 phpbb2-languages - phpBB2 additional languages
Closes: 317739
Changes:
 phpbb2 (2.0.13+1-6sarge1) stable-security; urgency=high
 .
   * Security update by phpBB maintainers
   * Update existing BBCode XSS patch to incorporate fix for a newly
     discovered XSS vulnerability [CAN-2005-2161].
     (Closes: #317739)
Files:
 a2192409bb6c743be83d87529e00ebcc 783 web optional phpbb2_2.0.13+1-6sarge1.dsc
 e5a598478e4f01a3e8981b72c1356445 61579 web optional phpbb2_2.0.13+1-6sarge1.diff.gz
 678d0cb0372e46402a472c510fb90d78 3340445 web optional phpbb2_2.0.13+1.orig.tar.gz
 2e0d83079efc4321532e062a4c746598 525020 web optional phpbb2_2.0.13-6sarge1_all.deb
 9d27f1ba0c529544447be2537a2e427c 36996 web extra phpbb2-conf-mysql_2.0.13-6sarge1_all.deb
 8de633213b53ff0c2029b0b3e28aa847 2868362 web optional phpbb2-languages_2.0.13-6sarge1_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)

iD8DBQFC541oW5ql+IAeqTIRAqqlAKCzpMQtU5OwyX9WLNZx+/xy5/kwvgCeK30A
nrCxM+U7XhPdysPwSuF1n3E=
=hpIn
-----END PGP SIGNATURE-----
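The report above relies on a nested [url] tag whose argument carries quote characters into an HTML attribute, and the close message refers to phpBB's BBCode XSS patch. As an added illustration that is not part of this bug report or of phpBB's own code, the Python sketch below contrasts a naive [url] renderer that splices the tag argument straight into a single-quoted attribute with a hardened one that escapes the input first, validates the link target against a scheme and character allowlist, and drops any tag that fails. The tag grammar, the handling of bare `www.` targets and the allowlist itself are assumptions made for the example, not phpBB's actual rules; the payload from the report is embedded only as constructed test input.

```python
"""Added example (not from the bug report or from phpBB): a minimal [url]
BBCode renderer in a naive, attribute-splicing form beside a hardened form
that escapes, validates and rejects.  Tag grammar and allowlist are
assumptions for the example."""
import html
import re

# Payload quoted in Bug#317739, used here only as a constructed test input.
REPORT_PAYLOAD = (
    "[color=#EFEFEF][url]www.ut[url=www.s=''style='font-size:0;color:#EFEFEF'"
    "style='top:expression(eval(this.sss));'sss=`alert(document.cookie);"
    "this.sss=null`style='font-size:0;][/url][/url]'[/color]"
)

# Innermost [url]...[/url] or [url=target]...[/url]; the body may not open
# another [url] tag, so nested tags are rendered inside-out by looping.
URL_TAG = re.compile(
    r"\[url(?:=([^\]]*))?\]((?:(?!\[url[=\]]).)*?)\[/url\]",
    re.IGNORECASE | re.DOTALL,
)


def _rewrite_until_stable(text, sub):
    """Apply the URL_TAG substitution repeatedly until no tag is left.
    Every match consumes one [/url], so the loop always terminates."""
    prev = None
    while prev != text:
        prev, text = text, URL_TAG.sub(sub, text)
    return text


def render_naive(text):
    """Vulnerable pattern: the tag argument goes verbatim into a single-quoted
    href.  A quote inside the argument ends the attribute and the browser
    parses whatever follows (style=...) as further attributes."""
    def sub(m):
        target = m.group(1) if m.group(1) is not None else m.group(2)
        return "<a href='%s'>%s</a>" % (target, m.group(2))
    return _rewrite_until_stable(text, sub)


SAFE_SCHEMES = ("http://", "https://", "ftp://")
# Allowlist of characters a link target may contain: no quotes, backticks,
# whitespace, angle brackets or control characters (assumption for the example).
SAFE_URL = re.compile(r"[A-Za-z0-9._~:/?#@!$&*+,;=%()-]+")


def safe_url(target):
    """Return a normalised absolute URL, or None if the target is rejected."""
    target = html.unescape(target).strip()
    if not target.lower().startswith(SAFE_SCHEMES):
        if not target.lower().startswith("www."):
            return None               # javascript:, data:, relative paths, ...
        target = "http://" + target   # assumption: bare www. links are allowed
    if not SAFE_URL.fullmatch(target):
        return None
    return target


def render_hardened(text):
    """Escape the whole input first, then render only tags whose target passes
    the allowlist; a rejected tag is dropped and its (escaped) body kept."""
    def sub(m):
        body = m.group(2)                       # already HTML-escaped
        url = safe_url(m.group(1) if m.group(1) is not None else body)
        if url is None:
            return body
        return '<a href="%s">%s</a>' % (html.escape(url, quote=True), body)
    return _rewrite_until_stable(html.escape(text, quote=True), sub)


if __name__ == "__main__":
    print("naive:    ", render_naive(REPORT_PAYLOAD))
    print("hardened: ", render_hardened(REPORT_PAYLOAD))
```

Run against the report's payload, `render_naive` emits an anchor whose attribute list contains the injected `style='top:expression(...)'`, while `render_hardened` rejects the inner tag (its target contains quote characters), keeps the outer link to `http://www.ut`, and leaves nothing for the browser to interpret as a style rule.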