  [Announcement]   MULTI SECURITY VULNERABILITIES IN MVNFORUM - (SVRT-BKIS) 05/12/2008 03:21:03 (+0700) | #1 | 161323
beatboxvn
Member

Joined: 24/06/2008 22:43:46
Messages: 14
Security Focus:
http://www.securityfocus.com/archive/1/498872

Secunia:
http://secunia.com/Advisories/32931

1. General Information
mvnForum is software used for creating forums on the Internet
(http://www.mvnforum.com). It is open source software making use of
Java J2EE (JSP/Servlet) technology.

On September 6 2008, SVRT-Bkis found several CSRF and XSS vulnerabilities in
some functions of mvnForum 1.2 GA. These are highly serious vulnerabilities
allowing hackers to perform a privilege escalation attack on the forum.

We have contacted the development team and they have patched all those
vulnerabilities in the latest version of mvnForum 1.2.1 GA.

Details : http://security.bkis.vn/?p=286
SVRT Advisory : SVRT-06-08
Initial vendor notification : 30-10-2008
Release Date : 03-12-2008
Update Date : 03-12-2008
Discovered by : SVRT-Bkis
Attack Type : CSRF, XSS
Security Rating : Critical
Impact : Privilege escalation
Affected Software : mvnForum (version <= 1.2 GA)

2. Technical Description
We have detected five vulnerabilities in different functions of mvnForum,
four of which are CSRF (Cross-site request forgery) flaws and the other is an
XSS (Cross-site scripting) flaw.

More precisely, the four CSRF vulnerabilities allow hackers to escalate
their privilege on such a forum by tricking the administrator into performing
some task without asking him/her for confirmation. The tasks relating to these
four vulnerabilities are:
- Creating a new forum where the hacker is the administrator.
- Raising the privilege of an arbitrary account.
- Giving an arbitrary account the sub-forum administrator privilege.
- Enabling or disabling an arbitrary account.

The XSS vulnerability is in the "Who's online" function of the forum. If
hackers successfully exploit this flaw, malicious code (JavaScript) will be
executed whenever the administrator views information with this function.

3. Solution
Rating these as highly critical vulnerabilities, Bkis Center recommends that
all units, organizations and individuals using mvnForum should immediately
update their forums with the latest version of the application here:
http://sourceforge.net/project/showfiles.php?group_id=65527&package_id=63007

4. Credit
Thanks Dau Huy Ngoc for working with SVRT-Bkis
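The advisory above describes two defensive gaps: admin actions (create forum, raise privilege, grant sub-forum admin, enable/disable account) that any cross-site request could trigger with the administrator's cookies, and a "Who's online" page that echoes attacker-controlled text into HTML unescaped. The following is an added example, written for this thread and not code from mvnForum or from Bkis; it shows the two standard countermeasures in plain Java so it runs without a servlet container. A `Map` stands in for `HttpSession`, and the session attribute name `csrfToken` is an assumption; how mvnForum 1.2.1 GA actually fixed the issues is not described on this page.

```java
import java.nio.charset.StandardCharsets;
import java.security.MessageDigest;
import java.security.SecureRandom;
import java.util.Base64;
import java.util.HashMap;
import java.util.Map;

/**
 * Added defensive example (not mvnForum code): a synchronizer-token guard for
 * state-changing admin actions, plus output escaping for untrusted values such
 * as the ones a "Who's online" page displays. The "session" is a plain Map
 * standing in for HttpSession so the class runs stand-alone.
 */
public class AdminActionGuard {
    private static final String TOKEN_KEY = "csrfToken";   // assumed attribute name
    private static final SecureRandom RNG = new SecureRandom();

    /** Issue one random token per session; the admin form embeds it as a hidden field. */
    public static String issueToken(Map<String, Object> session) {
        String existing = (String) session.get(TOKEN_KEY);
        if (existing != null) {
            return existing;
        }
        byte[] raw = new byte[32];
        RNG.nextBytes(raw);
        String token = Base64.getUrlEncoder().withoutPadding().encodeToString(raw);
        session.put(TOKEN_KEY, token);
        return token;
    }

    /**
     * A forged cross-site request carries the victim's cookies but cannot read
     * the token embedded in the victim's page, so it fails this check. Only POST
     * is accepted for state changes, and the comparison is constant-time.
     */
    public static boolean isAuthorisedStateChange(Map<String, Object> session,
                                                  String method, String submittedToken) {
        if (!"POST".equals(method)) {
            return false;
        }
        String expected = (String) session.get(TOKEN_KEY);
        if (expected == null || submittedToken == null) {
            return false;
        }
        return MessageDigest.isEqual(expected.getBytes(StandardCharsets.UTF_8),
                                     submittedToken.getBytes(StandardCharsets.UTF_8));
    }

    /** Escape attacker-controlled text before writing it into an HTML page. */
    public static String escapeHtml(String s) {
        StringBuilder out = new StringBuilder(s.length());
        for (char c : s.toCharArray()) {
            switch (c) {
                case '<':  out.append("&lt;");   break;
                case '>':  out.append("&gt;");   break;
                case '&':  out.append("&amp;");  break;
                case '"':  out.append("&quot;"); break;
                case '\'': out.append("&#39;");  break;
                default:   out.append(c);
            }
        }
        return out.toString();
    }

    public static void main(String[] args) {
        Map<String, Object> adminSession = new HashMap<>();
        String token = issueToken(adminSession);

        // Legitimate submission from the admin's own form: token present and matching.
        System.out.println("form post with token accepted:      "
                + isAuthorisedStateChange(adminSession, "POST", token));
        // Forged request from another site: cookies ride along, the token does not.
        System.out.println("cross-site POST without token:      "
                + isAuthorisedStateChange(adminSession, "POST", null));
        // A state change must never be reachable through a plain GET (e.g. an <img> tag).
        System.out.println("GET with token accepted:            "
                + isAuthorisedStateChange(adminSession, "GET", token));

        // Constructed sample of an untrusted value a "Who's online" page might render.
        String untrusted = "<b>Guest</b> & \"friends\"";
        System.out.println("rendered: " + escapeHtml(untrusted));
    }
}
```

The token check belongs in front of every handler that changes forum state (ideally as a servlet `Filter` applied to the admin paths), and the escaping belongs at the point where a value is written into the page rather than where it is stored, so that the same stored string stays safe in every template that displays it.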
  [Question]   Re: MULTI SECURITY VULNERABILITIES IN MVNFORUM - (SVRT-BKIS) 05/12/2008 06:02:16 (+0700) | #2 | 161342
conmale
Administrator

Joined: 07/05/2004 23:43:15
Messages: 9353
Location: down under
Hmm... if only BKIS would spend a little time auditing HVA's forum for us, eh?
What brings us together is stronger than what pulls us apart.
  [Question]   Re: MULTI SECURITY VULNERABILITIES IN MVNFORUM - (SVRT-BKIS) 05/12/2008 07:02:07 (+0700) | #3 | 161364
dannv
Member

Joined: 15/06/2008 11:44:46
Messages: 50
Location: phố Nhổn
On securityfocus it is written like this: Thanks Dau Huy Ngoc for working with SVRT-Bkis
After running it through Google Translate it comes out like this: Thanks Đậu Huy Ngọc cho làm việc với SVRT-Bkis
Could someone explain the part in red to me?
  [Question]   Re: MULTI SECURITY VULNERABILITIES IN MVNFORUM - (SVRT-BKIS) 07/12/2008 03:55:17 (+0700) | #4 | 161563
gamma95
Researcher

Joined: 20/05/2003 07:15:41
Messages: 1377
Location: aaa">

conmale wrote:
Hmm... if only BKIS would spend a little time auditing HVA's forum for us, eh?

If they agreed, that would be exhausting, big brother
Wings that never tire
lol
Powered by JForum - Extended by HVAOnline