|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
Edgewall Trac SQL Injection Vulnerability
From: David Maciejak (david.maciejak
kyxar.fr)
Date: Thu Dec 01 2005 - 15:50:37 CST
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
Edgewall Trac SQL Injection Vulnerability
Trac is an enhanced wiki and issue tracking system
for software development project. It provides an
interface to Subversion.
More information on http://projects.edgewall.com/trac/
Description:
Malicious user can conduct SQL injection in ticket query module
because supplied 'group' URI data passed to the query script
is not properly sanitized.
PoC:
http://host/trac/query?group=/*
Vulnerable version:
Version tested is 0.9
Maybe 0.9 betas are also vulnerable
Solution:
Upgrade to version 0.9.1
http://projects.edgewall.com/trac/wiki/TracDownload
Thanks for the quick fix of the Trac Team !
David Maciejak
--------------------------------------------------------------------------------
KYXAR.FR - Mail envoyé depuis http://webmail.kyxar.fr
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]