Movable Type Multiple Input Validation Vulnerabilities And User Enumeration Weakness
TITLE: Movable Type Multiple Input Validation Vulnerabilities And User Enumeration Weakness
CLASS: Input Validation Error
CVE:
REMOTE: Yes
LOCAL: No
PUBLISHED: Jun 04 2007 12:00AM
UPDATE: Jun 05 2007 08:00PM
CREDIT: Tim Brown of Portcullis Computer Security Ltd. is credited with the discovery of these vulnerabilities.
VULNERABLE:
Movable Type Movable Type Enterprise 1.03NOT VULNERABLE:
Movable Type Movable Type Enterprise 1.02
Movable Type Movable Type Enterprise 1.01
Movable Type Movable Type 3.17
Movable Type Movable Type 3.16
Movable Type Movable Type 3.2
Movable Type Movable Type 2.63
Movable Type Movable Type 2.0
Movable Type Movable Type 3.34.b1
Movable Type Movable Type 3.34
Movable Type Movable Type 3.33
Movable Type Movable Type 3.32
Movable Type Movable Type 3.31
Movable Type Movable Type 3.3
Vai alla pagina originale su Security Focus
Discussion
Movable Type is prone to multiple input-validation vulnerabilities because it fails to sufficiently sanitize user-supplied data. It is also prone to a username-enumeration weakness.
Exploiting these issues could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, cause arbitrary script code to run within the context of the webserver process that is hosting the affected software, and compromise the availability and integrity of a computer to ultimately gain remote unauthorized access by overwriting sensitive files (such as the password file).
Movable Type 3.16 is affected; other versions may also be vulnerable.
Exploit
An attacker can use a browser to exploit any of these issues.
Solution
Solution:
Currently we are not aware of any vendor-supplied patches for these issues. If you feel we are in error or if you are aware of more recent information, please mail us at: mailto:vuldb@securityfocus.com.
References
References:
- Movable Type Homepage (Movable Type)