[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#278518: marked as done (KDE 3.2.2 (sarge) Konqueror suffers XSS vuln.)

Your message dated Wed, 27 Oct 2004 16:00:07 +0200
with message-id <20041027140007.GA360@chistera.yi.org>
and subject line Bug#278518: KDE 3.2.2 (sarge) Konqueror suffers XSS vuln.
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 27 Oct 2004 13:44:49 +0000
>From yanosz@gmx.net Wed Oct 27 06:44:49 2004
Return-path: <yanosz@gmx.net>
Received: from pop.gmx.net (mail.gmx.net) [213.165.64.20] 
	by spohr.debian.org with smtp (Exim 3.35 1 (Debian))
	id 1CMo6b-0002Gh-00; Wed, 27 Oct 2004 06:44:49 -0700
Received: (qmail 31362 invoked by uid 65534); 27 Oct 2004 13:44:17 -0000
Received: from dial-194-8-196-75.netcologne.de (EHLO dagobert) (194.8.196.75)
  by mail.gmx.net (mp016) with SMTP; 27 Oct 2004 15:44:17 +0200
X-Authenticated: #4240698
From: "Yanosz" <yanosz@gmx.net>
To: submit@bugs.debian.org
Subject: KDE 3.2.2 (sarge) Konqueror suffers XSS vuln.
Date: Wed, 27 Oct 2004 15:45:21 +0200
User-Agent: KMail/1.6.2
Cc: full-disclosure@lists.netsys.com,
 debian-security@lists.debian.org
MIME-Version: 1.0
Content-Disposition: inline
Content-Type: text/plain;
  charset="iso-8859-1"
Content-Transfer-Encoding: quoted-printable
Message-Id: <[🔎] 200410271545.21782.yanosz@gmx.net>
Delivered-To: submit@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-8.0 required=4.0 tests=BAYES_00,HAS_PACKAGE 
	autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 

Package: Konqueror
Version: 3.2.2-1 (sarge)
Severity: Important

In contrast to other browsers like firefox, Konqueror allows JavaScript to=
=20
access other frames in a frameset, loaded with from different (sub)domain. =
By=20
that enclosed / secret data can be read through a hidden frameset.
See http://groenndemon.de/bla for demonstration.

(I'd like also to thank the webmaster for motivating me to explore that iss=
ue=20
and setting a wegpage up for demonstration)

(Translation: Action =C4ndern -> Change action
Passwort klauen -> steel password
Abschicken -> submit)

Please verify this issue on other versions - 3.1.4 seems to be affected as=
=20
well.

Keep smiling
yanosz

---------------------------------------
Received: (at 278518-done) by bugs.debian.org; 27 Oct 2004 14:00:47 +0000
>From asp16@alu.ua.es Wed Oct 27 07:00:47 2004
Return-path: <asp16@alu.ua.es>
Received: from 84-120-65-92.onocable.ono.com (chistera.yi.org) [84.120.65.92] 
	by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
	id 1CMoM1-0003Zj-00; Wed, 27 Oct 2004 07:00:47 -0700
Received: from userid 1000 by chistera.yi.org with local (Exim 4.34) 
	  id 1CMoLP-00009X-9R; Wed, 27 Oct 2004 16:00:07 +0200
Date: Wed, 27 Oct 2004 16:00:07 +0200
From: Adeodato =?iso-8859-1?Q?Sim=F3?= <asp16@alu.ua.es>
To: Yanosz <yanosz@gmx.net>, 278518-done@bugs.debian.org
Cc: full-disclosure@lists.netsys.com, debian-security@lists.debian.org
Subject: Re: Bug#278518: KDE 3.2.2 (sarge) Konqueror suffers XSS vuln.
Message-ID: <20041027140007.GA360@chistera.yi.org>
Mail-Followup-To: Yanosz <yanosz@gmx.net>, 278518-done@bugs.debian.org,
	full-disclosure@lists.netsys.com, debian-security@lists.debian.org
References: <[🔎] 200410271545.21782.yanosz@gmx.net>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
Content-Transfer-Encoding: 8bit
In-Reply-To: <[🔎] 200410271545.21782.yanosz@gmx.net>
X-No-CC: Please respect my Mail-Followup-To header
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: 278518-done@bugs.debian.org
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2004_03_25 
	(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-4.8 required=4.0 tests=BAYES_00,FROM_ENDS_IN_NUMS,
	HAS_BUG_NUMBER autolearn=no version=2.60-bugs.debian.org_2004_03_25
X-Spam-Level: 

* Yanosz [Wed, 27 Oct 2004 15:45:21 +0200]:
> Package: Konqueror
> Version: 3.2.2-1 (sarge)
> Severity: Important

> In contrast to other browsers like firefox, Konqueror allows JavaScript to 
> access other frames in a frameset, loaded with from different (sub)domain. By 
> that enclosed / secret data can be read through a hidden frameset.
> See http://groenndemon.de/bla for demonstration.

  please see http://bugs.debian.org/261740. version 3.2.3-1.sarge.1
  (available in testing-proposed-updates) fixed the vulnerability and
  will be included in sarge.

  you can use this version by adding this line to your sources.list:

    deb http://your.mirror.debian.org/debian sarge-proposed-updates main

  thanks,

-- 
Adeodato Simó
    EM: asp16 [ykwim] alu.ua.es | PK: DA6AE621
 
If there is a sin against life, it consists perhaps not so much in
despairing of life as in hoping for another life and in eluding the
implacable grandeur of this life.
                -- Albert Camus
Reply to: