Package: torrentflux

Version: 2.1-1

Severity: normal

Tags: patch



*** Please type your report below this line ***



As reported, torrentflux has a minor XSS vulnerability.  Patch attached.

http://www.stevenroddis.com.au/2006/10/06/torrentflux-user-agent-xss-vulnerability/



diff -u torrentflux-2.1/debian/patches/00list 
torrentflux-2.1/debian/patches/00list

--- torrentflux-2.1/debian/patches/00list

+++ torrentflux-2.1/debian/patches/00list

@@ -4,0 +5 @@

+05_sanitize_html_entities.dpatch

only in patch2:

unchanged:

--- torrentflux-2.1.orig/debian/patches/05_sanitize_html_entities.dpatch

+++ torrentflux-2.1/debian/patches/05_sanitize_html_entities.dpatch

@@ -0,0 +1,26 @@

+#! /bin/sh /usr/share/dpatch/dpatch-run

+## 05_sanitize_html_entities.dpatch by Kees Cook <[EMAIL PROTECTED]>

+##

+## All lines beginning with `## DP:' are a description of the patch.

+## DP: 
http://www.stevenroddis.com.au/2006/10/06/torrentflux-user-agent-xss-vulnerability/

+

[EMAIL PROTECTED]@
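Review bot: the `## DP:` description in the dpatch header consists only of the advisory URL; dpatch descriptions are what `dpatch` and the changelog tools surface, so the line should state what the patch does (escape `$ip_resolved` and `$user_agent` with `htmlentities()` before they are rendered in admin.php) and keep the URL as a second `## DP:` line for reference.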

+diff -urNad torrentflux-2.1~/html/admin.php torrentflux-2.1/html/admin.php

+--- torrentflux-2.1~/html/admin.php    2006-04-05 21:30:09.000000000 -0700

++++ torrentflux-2.1/html/admin.php     2006-10-11 14:47:45.938332988 -0700

+@@ -322,7 +322,7 @@

+             $user_icon = "images/user.gif";

+         }

+ 

+-        $ip_info = $ip_resolved."<br>".$user_agent;

++        $ip_info = 
htmlentities($ip_resolved)."<br>".htmlentities($user_agent);

+ 

+         $output .= "<tr>";

+         if (IsUser($user_id))
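Review bot: `htmlentities()` is called with its defaults on both `$ip_resolved` and `$user_agent`, which leaves the quote style at `ENT_COMPAT` (single quotes unencoded) and the charset at the PHP default rather than the page's declared charset; since `$ip_info` is only concatenated into table markup here that is sufficient for this rendering site, but passing `ENT_QUOTES` and the page charset explicitly, e.g. `htmlentities($user_agent, ENT_QUOTES)`, costs nothing and keeps the value safe if it is later reused inside an attribute. Also worth confirming that line 322 of admin.php is the only place the stored user agent string is echoed, since the hunk fixes the output side only and the value itself is still stored unescaped.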

+@@ -2164,4 +2164,4 @@

+ //****************************************************************************

+ //****************************************************************************

+ 

+-?>

+\ No newline at end of file

++?>
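Review bot: this second hunk at line 2164 is a whitespace-only change (it adds the missing newline after the closing `?>`) and is unrelated to the XSS fix; a single newline directly after `?>` is consumed by the PHP parser so it is harmless, but either drop it to keep the security patch minimal or mention it in the `## DP:` description so the next maintainer does not wonder why the hunk is there.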





-- System Information:

Debian Release: testing/unstable

  APT prefers unstable

  APT policy: (500, 'unstable')

Architecture: amd64 (x86_64)

Shell:  /bin/sh linked to /bin/bash

Kernel: Linux 2.6.17-10-generic

Locale: LANG=C, LC_CTYPE=C (charmap=ANSI_X3.4-1968)


