patch per l'ultimo bug di phpnuke/postnuke

Lascio intradotto...

Patch for the following advisory:
http://www.isecurelabs.com/article.php?sid=230

> Hi nuke webmasters,
>
> Phpnuke cross site scripting vulnerability
> Affected version : 5.3.1 and prior perhaps other...perhaps all
> PostNuke affected too.
>
> No more explanation, it is enough with cross site scripting...i'm bored with
> CSS vuln ;)
> http://www.phpnuke.org/user.php?op=userinfo&uname=<script>alert(document.coo
> kie);</script>

Avaliable here:
http://www.twlc.net/download.php?op=getit&lid=122

postnuke users (tested on rogue 0.70): rename postnuke.php into user.php and upload it replacing the old one in modules/NS-User
directory
phpnuke users (5.31): rename phpnuke531.php into user.php and upload it replacing the old one
phpnuke users (5.2): rename phpnuke52.php into user.php and upload it replacing the old one

notice that all the patches are tested and work.

--
the postnuke patch consist in adding this string after global variables in modules/NS-User/user.php in function user_user_userinfo.
if you have a versions of postnuke prior to 0.7 you may try this trick.

$var['uname'] = strip_tags($var['uname']);

kain
--
if the version of php nuke you are running isn't listed write the patch on your own! it's simple, just find the function userinfo
(in user.php located in the root dir) and add after the global variables:

$uname = strip_tags($uname);

supergate
--

peace.

supergate, shockzor, kain

http://www.twlc.net
http://www.kuht.it


________________________________________________________
http://www.sikurezza.org - Italian Security Mailing List