Your message dated Wed, 27 Oct 2004 16:00:07 +0200
with message-id <[EMAIL PROTECTED]>
and subject line Bug#278518: KDE 3.2.2 (sarge) Konqueror suffers XSS vuln.
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 27 Oct 2004 13:44:49 +0000
>From [EMAIL PROTECTED] Wed Oct 27 06:44:49 2004
Return-path: <[EMAIL PROTECTED]>
Received: from pop.gmx.net (mail.gmx.net) [213.165.64.20]
by spohr.debian.org with smtp (Exim 3.35 1 (Debian))
id 1CMo6b-0002Gh-00; Wed, 27 Oct 2004 06:44:49 -0700
Received: (qmail 31362 invoked by uid 65534); 27 Oct 2004 13:44:17 -0000
Received: from dial-194-8-196-75.netcologne.de (EHLO dagobert) (194.8.196.75)
by mail.gmx.net (mp016) with SMTP; 27 Oct 2004 15:44:17 +0200
X-Authenticated: #4240698
From: "Yanosz" <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: KDE 3.2.2 (sarge) Konqueror suffers XSS vuln.
Date: Wed, 27 Oct 2004 15:45:21 +0200
User-Agent: KMail/1.6.2
Cc: full-disclosure@lists.netsys.com,
debian-security@lists.debian.org
MIME-Version: 1.0
Content-Disposition: inline
Content-Type: text/plain;
charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Message-Id: <[EMAIL PROTECTED]>
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE
autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level:
Package: Konqueror
Version: 3.2.2-1 (sarge)
Severity: Important
In contrast to other browsers like firefox, Konqueror allows JavaScript to=
=20
access other frames in a frameset, loaded with from different (sub)domain. =
By=20
that enclosed / secret data can be read through a hidden frameset.
See http://groenndemon.de/bla for demonstration.
(I'd like also to thank the webmaster for motivating me to explore that iss=
ue=20
and setting a wegpage up for demonstration)
(Translation: Action =C4ndern -> Change action
Passwort klauen -> steel password
Abschicken -> submit)
Please verify this issue on other versions - 3.1.4 seems to be affected as=
=20
well.
Keep smiling
yanosz
---------------------------------------
Received: (at 278518-done) by bugs.debian.org; 27 Oct 2004 14:00:47 +0000
>From [EMAIL PROTECTED] Wed Oct 27 07:00:47 2004
Return-path: <[EMAIL PROTECTED]>
Received: from 84-120-65-92.onocable.ono.com (chistera.yi.org) [84.120.65.92]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CMoM1-0003Zj-00; Wed, 27 Oct 2004 07:00:47 -0700
Received: from userid 1000 by chistera.yi.org with local (Exim 4.34)
id 1CMoLP-00009X-9R; Wed, 27 Oct 2004 16:00:07 +0200
Date: Wed, 27 Oct 2004 16:00:07 +0200
From: Adeodato =?iso-8859-1?Q?Sim=F3?= <[EMAIL PROTECTED]>
To: Yanosz <[EMAIL PROTECTED]>, [EMAIL PROTECTED]
Cc: full-disclosure@lists.netsys.com, debian-security@lists.debian.org
Subject: Re: Bug#278518: KDE 3.2.2 (sarge) Konqueror suffers XSS vuln.
Message-ID: <[EMAIL PROTECTED]>
Mail-Followup-To: Yanosz <[EMAIL PROTECTED]>, [EMAIL PROTECTED],
full-disclosure@lists.netsys.com, debian-security@lists.debian.org
References: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <[EMAIL PROTECTED]>
X-No-CC: Please respect my Mail-Followup-To header
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-4.8 required=4.0 tests=BAYES_00,FROM_ENDS_IN_NUMS,
HAS_BUG_NUMBER autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level:
* Yanosz [Wed, 27 Oct 2004 15:45:21 +0200]:
> Package: Konqueror
> Version: 3.2.2-1 (sarge)
> Severity: Important
> In contrast to other browsers like firefox, Konqueror allows JavaScript to
> access other frames in a frameset, loaded with from different (sub)domain. By
> that enclosed / secret data can be read through a hidden frameset.
> See http://groenndemon.de/bla for demonstration.
please see http://bugs.debian.org/261740. version 3.2.3-1.sarge.1
(available in testing-proposed-updates) fixed the vulnerability and
will be included in sarge.
you can use this version by adding this line to your sources.list:
deb http://your.mirror.debian.org/debian sarge-proposed-updates main
thanks,
--
Adeodato Simó
EM: asp16 [ykwim] alu.ua.es | PK: DA6AE621
If there is a sin against life, it consists perhaps not so much in
despairing of life as in hoping for another life and in eluding the
implacable grandeur of this life.
-- Albert Camus
