Vigil@nce: TYPO3, redirect with jumpUrl
July 2009 by Vigil@nce

An attacker can use jumpUrl to redirect TYPO3 users to a file forbidden by fileDenyPattern.

Severity: 1/4

Consequences: data reading

Provenance: internet client

Means of attack: no proof of concept, no attack

Ability of attacker: expert (4/4)

Confidence: confirmed by the editor (5/5)

Diffusion of the vulnerable configuration: low (1/3)

Creation date: 06/07/2009

IMPACTED PRODUCTS

- TYPO3

DESCRIPTION OF THE VULNERABILITY

The jumpUrl feature redirects the user to a new URL.

The fileDenyPattern configuration variable defines patterns that mark files as forbidden.

However, jumpUrl will redirect to files that fileDenyPattern should forbid. This error currently has no impact, but it could be used by another vulnerability.

An attacker can therefore use jumpUrl to redirect TYPO3 users to a file forbidden by fileDenyPattern.
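
The check the description says is missing, sketched as an added example (not TYPO3's code or the vendor's fix): the file name of the redirect target is tested against the deny pattern before a redirect would be issued. The function name, the sample pattern and the sample targets are assumptions made for illustration.

```php
<?php
// Added illustration, not TYPO3 code. Constructed sample value standing in
// for the site's configured fileDenyPattern.
const SAMPLE_DENY_PATTERN = '/\.php[3-6]?(\..*)?$|^\.htaccess$/i';

// Hypothetical helper: true when the target's file name matches the pattern.
function targetIsDenied(string $target, string $denyPattern): bool
{
    $path = parse_url($target, PHP_URL_PATH);
    if ($path === false) {
        return true;                 // malformed URL: fail closed
    }
    if ($path === null || $path === '') {
        return false;                // no path, so no file name to test
    }
    // Decode (bounded) so percent-encoded names are matched in plain form.
    for ($i = 0; $i < 3; $i++) {
        $decoded = rawurldecode($path);
        if ($decoded === $path) {
            break;
        }
        $path = $decoded;
    }
    if (strpos($path, "\0") !== false) {
        return true;                 // NUL byte in a name: fail closed
    }
    $name = basename(str_replace('\\', '/', $path));
    return preg_match($denyPattern, $name) === 1;
}

// Constructed sample targets, checked before any redirect would be issued.
$samples = [
    'http://www.example.org/',
    'fileadmin/docs/report.pdf',
    'fileadmin/docs/settings.php',
    'fileadmin/docs/settings%2Ephp',
    'uploads/.htaccess',
];
foreach ($samples as $target) {
    $verdict = targetIsDenied($target, SAMPLE_DENY_PATTERN) ? 'refuse' : 'redirect';
    echo str_pad($target, 34), ' => ', $verdict, PHP_EOL;
}
```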

CHARACTERISTICS

Identifiers: 0011369, VIGILANCE-VUL-8839

http://vigilance.fr/vulnerability/TYPO3-redirect-with-jumpUrl-8839



copyright® 2007 S.I.M. Publicité