Package: libstruts1.2-java Severity: grave Tags: security Justification: user security hole
Struts 1.2.9 fixes three security problems: ====================================================== Name: CVE-2006-1546 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1546 Reference: MLIST:[struts-user] 20060121 Validation Security Hole? Reference: +URL:http://mail-archives.apache.org/mod_mbox/struts-user/200601.mbox/[EMAIL PROTECTED] Reference: MLIST:[struts-devel] 20060122 Re: Validation Security Hole? Reference: URL:http://mail-archives.apache.org/mod_mbox/struts-dev/200601.mbox/[EMAIL PROTECTED] Reference: CONFIRM:http://struts.apache.org/struts-doc-1.2.9/userGuide/release-notes.html Reference: CONFIRM:http://issues.apache.org/bugzilla/show_bug.cgi?id=38374 Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to bypass validation via a request with a 'org.apache.struts.taglib.html.Constants.CANCEL' parameter, which causes the action to be canceled but would not be detected from applications that do not use the isCancelled check. ====================================================== Name: CVE-2006-1547 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1547 Reference: CONFIRM:http://struts.apache.org/struts-doc-1.2.9/userGuide/release-notes.html Reference: CONFIRM:http://issues.apache.org/bugzilla/show_bug.cgi?id=38534 ActionForm in Apache Software Foundation (ASF) Struts before 1.2.9 with BeanUtils 1.7 allows remote attackers to cause a denial of service via a multipart/form-data encoded form with a parameter name that references the public getMultipartRequestHandler method, which provides further access to elements in the CommonsMultipartRequestHandler implementation and BeanUtils. ====================================================== Name: CVE-2006-1548 Status: Candidate URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-1548 Reference: CONFIRM:http://struts.apache.org/struts-doc-1.2.9/userGuide/release-notes.html Reference: CONFIRM:http://issues.apache.org/bugzilla/show_bug.cgi?id=38749 Cross-site scripting (XSS) vulnerability in (1) LookupDispatchAction and possibly (2) DispatchAction and (3) ActionDispatcher in Apache Software Foundation (ASF) Struts before 1.2.9 allows remote attackers to inject arbitrary web script or HTML via the parameter name, which is not filtered in the resulting error message. -- System Information: Debian Release: testing/unstable APT prefers unstable APT policy: (500, 'unstable') Architecture: i386 (i686) Shell: /bin/sh linked to /bin/bash Kernel: Linux 2.6.16-1-686 Locale: LANG=C, [EMAIL PROTECTED] (charmap=ISO-8859-15) -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
