Package: spip Severity: normal http://www.securityfocus.com/bid/16551
SPIP is prone to an SQL-injection vulnerability. This issue is due to a failure in the application to properly sanitize user-supplied input. Successful exploitation can allow an attacker to bypass authentication, modify data, or exploit vulnerabilities in the underlying database implementation. Other attacks may also be possible. There is a 0day exploit for the remote command execution issue available: http://retrogod.altervista.org/spip_182g_shell_inj_xpl.html http://www.milw0rm.com/id.php?id=1482 http://www.securityfocus.com/bid/16556/exploit The SQL injection can be triggered via a URL: http://www.securityfocus.com/bid/16551/exploit No fix is currently available for the security issues given above. I recommend to disallow access to spip_rss.php and spip_acces_doc.php3 -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable'), (500, 'testing'), (500, 'stable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.15-1-686-smp Locale: LANG=en_US, LC_CTYPE=en_US (charmap=ISO-8859-1) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
