MULTIPLE SECURITY VULNERABILITIES IN MVNFORUM
On September 6 2008, SVRT-Bkis found several CSRF and XSS vulnerabilities in
some functions of mvnForum 1.2 GA. These are highly serious vulnerabilities
that allow hackers to perform a privilege escalation attack on the forum.
We have contacted the development team and they have patched all of these
vulnerabilities in the latest version, mvnForum 1.2.1 GA.
Details : http://security.bkis.vn/?p=286
SVRT Advisory : SVRT-06-08
Initial vendor notification : 30-10-2008
Release Date : 03-12-2008
Update Date : 03-12-2008
Discovered by : SVRT-Bkis
Attack Type : CSRF, XSS
Security Rating : Critical
Impact : Privilege escalation
Affected Software : mvnForum (version <= 1.2 GA)
More precisely, four CSRF vulnerabilities let hackers escalate their
privileges on such a forum by tricking the administrator into performing some
task without asking him/her for confirmation. The tasks relating to these four
vulnerabilities are:
The XSS vulnerability is in the "Who's online" function of the forum. If
hackers successfully exploit this flaw, malicious code (JavaScript) will be
executed whenever the administrator views information with this function.
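The two bug classes above call for two distinct server-side defences: a per-session synchronizer token that a cross-site page cannot read, checked on every state-changing admin request, and output encoding of every attacker-influenced field before it is written into the "Who's online" page. The following is an added illustration, not code from this advisory or from mvnForum; the Session and Request classes, the /mvnforum/admin/promote path and the sample "Who's online" entries are hypothetical stand-ins for the forum's real servlet objects and data.

```python
import hmac
import html
import secrets
from dataclasses import dataclass, field

# Hypothetical, simplified models of a forum session and an HTTP request.
# They stand in for mvnForum's real servlet objects, which are not used here.


@dataclass
class Session:
    user: str
    is_admin: bool
    # Per-session secret that the server embeds in its own admin forms only.
    csrf_token: str = field(default_factory=lambda: secrets.token_urlsafe(32))


@dataclass
class Request:
    method: str
    path: str
    form: dict
    session: Session


def admin_action_allowed(req: Request) -> bool:
    """Synchronizer-token check for state-changing admin actions.

    A forged request from another site rides on the admin's session cookie,
    but the other site cannot read the token that only the forum's own pages
    embed, so a missing or wrong token means the request did not come from
    the forum's form and must be refused.
    """
    if not req.session.is_admin:
        return False
    if req.method != "POST":
        return False  # state changes are accepted via POST only
    submitted = str(req.form.get("csrf_token", ""))
    # Constant-time comparison; encode so non-ASCII input cannot raise.
    return hmac.compare_digest(submitted.encode(), req.session.csrf_token.encode())


def render_whos_online(entries) -> str:
    """Render a 'Who's online' table with every user-controlled field escaped.

    entries: iterable of (username, user_agent) pairs; both values are
    attacker-influenced, so both are HTML-escaped before being emitted.
    """
    rows = "".join(
        f"<tr><td>{html.escape(name)}</td><td>{html.escape(agent)}</td></tr>"
        for name, agent in entries
    )
    return f"<table>{rows}</table>"


def demo():
    """Run both checks on constructed input; returns (legit_ok, forged_ok, page)."""
    admin = Session(user="admin", is_admin=True)

    # Constructed: a request produced by the forum's own admin form, token included.
    legit = Request("POST", "/mvnforum/admin/promote",
                    {"member": "bob", "csrf_token": admin.csrf_token}, admin)
    # Constructed: the same action submitted from a page on another origin; the
    # browser attaches the admin's cookie, but that page never learned the token.
    forged = Request("POST", "/mvnforum/admin/promote", {"member": "bob"}, admin)

    # Constructed 'Who's online' data with a script tag in the User-Agent field.
    page = render_whos_online([
        ("alice", "Mozilla/5.0"),
        ("mallory", "<script>alert(document.cookie)</script>"),
    ])
    return admin_action_allowed(legit), admin_action_allowed(forged), page


if __name__ == "__main__":
    legit_ok, forged_ok, page = demo()
    print("legit admin request allowed:", legit_ok)   # True
    print("forged cross-site request allowed:", forged_ok)  # False
    print(page)  # the script tag appears as &lt;script&gt;..., inert in the browser
```

The token check rejects the forged request even though it carries a valid admin session, which is exactly the confirmation step the advisory says the vulnerable actions lacked. The rendering function shows the other half: data that reaches the administrator's browser through "Who's online" is escaped at output time, so a crafted username or User-Agent is displayed as text rather than executed.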
Solution
Rating these vulnerabilities as highly critical, Bkis Center recommends that
all units, organizations and individuals using mvnForum immediately update
their forums to the latest version of the application, available here:
http://sourceforge.net/project/showfiles.php?group_id=65527&package_id=63007
Credit
Thanks to Dau Huy Ngoc for working with SVRT-Bkis.
SVRT, which is short for Security Vulnerability Research Team, is one of
Bkis's research groups. SVRT specializes in the detection, alerting and
announcement of security vulnerabilities in software, operating systems,
network protocols and embedded systems.
Bach Khoa Internetwork Security Center (BKIS)
Hanoi University of Technology (Vietnam)
SVRT-Bkis
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/