svn commit: r544152 - head/security/vuxml
Jochen Neumeister
joneum at FreeBSD.org
Tue Aug 4 09:30:45 UTC 2020
Author: joneum
Date: Tue Aug 4 09:30:44 2020
New Revision: 544152
URL: https://svnweb.freebsd.org/changeset/ports/544152
Log:
add entry for typo3-9 and typo3-10
PR: 248430 248429
Sponsored by: Netzkommune GmbH
Modified:
head/security/vuxml/vuln.xml
Modified: head/security/vuxml/vuln.xml
==============================================================================
--- head/security/vuxml/vuln.xml Tue Aug 4 09:08:04 2020 (r544151)
+++ head/security/vuxml/vuln.xml Tue Aug 4 09:30:44 2020 (r544152)
@@ -58,6 +58,56 @@ Notes:
* Do not forget port variants (linux-f10-libxml2, libxml2, etc.)
-->
<vuxml xmlns="http://www.vuxml.org/apps/vuxml-1">
+ <vuln vid="eab964f8-d632-11ea-9172-4c72b94353b5">
+ <topic>typo3 -- multiple vulnerabilities</topic>
+ <affects>
+ <package>
+ <name>typo3-9-php72</name>
+ <name>typo3-9-php73</name>
+ <name>typo3-9-php74</name>
+ <range><lt>9.5.20</lt></range>
+ </package>
+ <package>
+ <name>typo3-10-php72</name>
+ <name>typo3-10-php73</name>
+ <name>typo3-10-php74</name>
+ <range><lt>10.4.6</lt></range>
+ </package>
+ </affects>
+ <description>
+ <body xmlns="http://www.w3.org/1999/xhtml">
+ <p>Typo3 Team reports:</p>
+ <blockquote cite="https://typo3.org/article/typo3-1046-and-9520-security-releases-published">
+ <p>In case an attacker manages to generate a valid cryptographic message authentication
+ code (HMAC-SHA1) - either by using a different existing vulnerability or in case the
+ internal encryptionKey was exposed - it is possible to retrieve arbitrary files of a
+ TYPO3 installation. This includes the possibility to fetch typo3conf/LocalConfiguration.php
+ which again contains the encryptionKey as well as credentials of the database management
+ system being used.
+ In case a database server is directly accessible either via internet or in a shared hosting
+ network, this allows to completely retrieve, manipulate or delete database contents.
+ This includes creating an administration user account - which can be used to trigger remote
+ code execution by injecting custom extensions.</p>
+ <p>It has been discovered that an internal verification mechanism can be used to generate
+ arbitrary checksums. This allows to inject arbitrary data having a valid cryptographic
+ message authentication code (HMAC-SHA1) and can lead to various attack chains as described
+ below.</p>
+ </blockquote>
+ </body>
+ </description>
+ <references>
+ <url>https://typo3.org/article/typo3-1046-and-9520-security-releases-published</url>
+ <url>https://typo3.org/security/advisory/typo3-core-sa-2020-007</url>
+ <url>https://typo3.org/security/advisory/typo3-core-sa-2020-008</url>
+ <cvename>CVE-2020-15098</cvename>
+ <cvename>CVE-2020-15099</cvename>
+ </references>
+ <dates>
+ <discovery>2020-07-28</discovery>
+ <entry>2020-08-04</entry>
+ </dates>
+ </vuln>
+
<vuln vid="3c7ba82a-d3fb-11ea-9aba-0c9d925bbbc0">
<topic>xorg-server -- Pixel Data Uninitialized Memory Information Disclosure</topic>
<affects>
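Review bot: the quoted description ends with "can lead to various attack chains as described below", but the excerpt stops there and nothing is described below it in this entry, so readers are pointed at text that was not copied in; either drop that clause or quote the part of the advisory it refers to. The entry also lists two advisory URLs (typo3-core-sa-2020-007 and -008) and two CVEs (CVE-2020-15098, CVE-2020-15099) without indicating which quoted paragraph belongs to which advisory; a short lead-in per advisory, e.g. one `<p>` naming the SA before each quoted paragraph, would let a reader match the CVE numbers to the two issues.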