Debian Security Update Fixes Mahara Input Validation Vulnerabilities


Description   Multiple vulnerabilities have been identified in Debian, which could be exploited to conduct cross site scripting and request forgery attacks. These issues are caused by inpu validation errors in Mahara when handling user-supplied data or session keys, which could be exploited to cause arbitrary scripting code to be executed by the user's browser in the security context of an affected site, or delete arbitrary blogs.
     
Vulnerable Products   Vulnerable Software:
Debian GNU/Linux squeezeDebian GNU/Linux lennyDebian GNU/Linux sid
     
Solution   Debian GNU/Linux squeeze - Upgrade to mahara version 1.2.6-2+squeeze1Debian GNU/Linux lenny - Upgrade to mahara version 1.0.4-4+lenny8Debian GNU/Linux sid - Upgrade to mahara version 1.2.7
     
CVE   CVE-2011-0440
CVE-2011-0439
     
References   http://lists.debian.org/debian-security-announce/2011/msg00074.html
     
Vulnerability Manager Detection   No
     
IPS Protection  
ASQ Engine alarm Available Since
XSS - Prevention - POST : suspicious tag with event found in data
3.2.0
XSS - Prevention - POST : suspicious 'object' tag found in data
3.2.0
XSS - Prevention - POST : suspicious 'applet' tag found in data
3.2.0
XSS - Prevention - POST : 'location' javascript object found in data
3.2.0
XSS - Prevention - POST : javascript code found in data
3.2.0
XSS - Prevention - POST : suspicious 'iframe' tag found in data
3.2.0
XSS - Prevention - POST : code allowing cookie access found in data
3.2.0
XSS - Prevention - POST : suspicious 'embed' tag found in data
3.2.0
XSS - Prevention - POST : suspicious 'style' tag found in data
3.2.0
XSS - Prevention - POST : suspicious 'div' tag found in data
3.2.0
XSS - Prevention - POST : 'script' tag found in data
3.2.0
XSS - Prevention - POST : suspicious 'style' attribute found in data
3.2.0
     


 
 
 
 
 Risk level 
Low 

 Vulnerability First Public Report Date 
2011-03-30 

 Target Type 
Server 

 Possible exploit 
Local & Remote