phplist: cross site request forgery (CSRF)

2011.04.14
Credit: Hanno Boeck
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-352


CVSS Base Score: 6.8/10
Impact Subscore: 6.4/10
Exploitability Subscore: 8.6/10
Exploit range: Remote
Attack complexity: Medium
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

phplist: cross site request forgery (CSRF), CVE-2011-0748 References http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2748 http://int21.de/cve/CVE-2011-0748-phplist.html Description phplist is a mailing list software written in PHP. Up to version 2.10.12, it provided no protection against cross site request forgery (CSRF) at all, allowing a malicious attacker controlling a webpage an admin visits at the time being logged into phplist to gain full control over the phplist installation. The vendor has released version 2.10.13, which fixes the vulnerability, but somehow forgot to give any credit to the person reporting the vulnerability to them. Disclosure Timeline 2011-02-03: Vendor contacted 2011-02-10: Vendor releases 2.10.13 with fix 2011-04-07: Published advisory This vulnerability was discovered by Hanno Boeck, http://www.hboeck.de, of schokokeks.org webhosting. -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.17 (GNU/Linux) iQIcBAEBCAAGBQJNnflEAAoJEKWIAHK7tR5CouMP/2qHYegS74FtseuX3hkC0phr sUGBTV0LAar21aZ7r56PLzB8QjVLwgoE/aeO3UoJCQkF7Ak4TgK8jHSrJ1ETAbK2 g7DCE1TqGl3gZoDJTrTtWCcJpKRcLFyijCYo4eGt9nYYU90eCjfhm/aXzGigCMCZ yzzIgGwrrZ760140YNdLDlXNP692OpLnacbwFeM8YxQm11Fp59NuKMJ6DK6DJGKD L6MfgvA9VMej/uZIDixAwON+TbUgoDN94Zck95LkkQ2SwUlVRlKvwBms3MkSVaUi yXZmbZiI5K0BOXg4U569NMoVwhO0hcBU+nRqEyKXxavCATL9a+6skBzEECwglq6V q2kMcA1ZPGVVKARo+V04wDEBh/dlrKk4QqZr1NLxbi5mKcE5HNcj23Vo/Jo0fxfI qBeU2fzupULtHhucWxV3KDSG8TY16n7Ff+knPdCyf1sWilx4tbA7WlDoO875x49M BefmnHLUIblTouo/734XFHmBhgtBIAxtDmQ0wLsajA0ygg4G/tmj9eyzt4cILFNh 6AEtfVv7pevmaz/YFr8HxTKBqpkjqoBp6suUVGt7oAyvQF7uJmQKwfwFuuTqHRPL ud1qGko3LGuXc/1XCCfFF/C9vAkcq2fFWO1O8/GaWsUZV50FUzVT5Q42veiv8M8U g8c9d5qA5ygiY6ARSBB4 =GeYQ -----END PGP SIGNATURE-----

References:

http://www.securityfocus.com/archive/1/archive/1/517400/100/0/threaded
http://www.phplist.com/?lid=516
http://secunia.com/advisories/44041
http://int21.de/cve/CVE-2011-0748-phplist.html


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2022, cxsecurity.com

 

Back to Top