Changeset View
Changeset View
Standalone View
Standalone View
security/vuxml/vuln.xml
- This file is larger than 256 KB, so syntax highlighting is disabled by default.
| Show First 20 Lines • Show All 52 Lines • ▼ Show 20 Lines | |||||
| Help is also available from ports-security@freebsd.org. | Help is also available from ports-security@freebsd.org. | ||||
| Notes: | Notes: | ||||
| * Please add new entries to the beginning of this file. | * Please add new entries to the beginning of this file. | ||||
| * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) | * Do not forget port variants (linux-f10-libxml2, libxml2, etc.) | ||||
| --> | --> | ||||
| <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> | <vuxml xmlns="http://www.vuxml.org/apps/vuxml-1"> | ||||
| <vuln vid="f714d8ab-028e-11e7-8042-50e549ebab6c"> | |||||
| <topic>kio: Information Leak when accessing https when using a malicious PAC file</topic> | |||||
| <affects> | |||||
| <package> | |||||
| <name>kdelibs4</name> | |||||
| <range><lt>kdelibs-4.14.29_1</lt></range> | |||||
| </package> | |||||
| <package> | |||||
| <name>kf5-kio</name> | |||||
| <range><lt>5.31.0_1</lt></range> | |||||
| </package> | |||||
| </affects> | |||||
| <description> | |||||
| <body xmlns="http://www.w3.org/1999/xhtml"> | |||||
| <p>Albert Astals Cid reports:</p> | |||||
| <blockquote cite="https://www.kde.org/info/security/advisory-20170228-1.txt"> | |||||
| <p>Using a malicious PAC file, and then using exfiltration methods in the PAC | |||||
| function FindProxyForURL() enables the attacker to expose full https URLs.</p> | |||||
| <p>This is a security issue since https URLs may contain sensitive | |||||
| information in the URL authentication part (user:password@host), and in the | |||||
| path and the query (e.g. access tokens).</p> | |||||
| <p>This attack can be carried out remotely (over the LAN) since proxy settings | |||||
| allow "Detect Proxy Configuration Automatically". | |||||
| This setting uses WPAD to retrieve the PAC file, and an attacker who has access | |||||
| to the victim's LAN can interfere with the WPAD protocols (DHCP/DNS+HTTP) | |||||
| and inject his/her own malicious PAC instead of the legitimate one.</p> | |||||
| </blockquote> | |||||
| </body> | |||||
| </description> | |||||
| <references> | |||||
| <url>https://www.kde.org/info/security/advisory-20170228-1.txt</url> | |||||
| </references> | |||||
| <dates> | |||||
| <discovery>2017-02-28</discovery> | |||||
| <entry>2017-03-06</entry> | |||||
| </dates> | |||||
| </vuln> | |||||
| <vuln vid="71ebbc50-01c1-11e7-ae1b-002590263bf5"> | <vuln vid="71ebbc50-01c1-11e7-ae1b-002590263bf5"> | ||||
| <topic>codeigniter -- multiple vulnerabilities</topic> | <topic>codeigniter -- multiple vulnerabilities</topic> | ||||
| <affects> | <affects> | ||||
| <package> | <package> | ||||
| <name>codeigniter</name> | <name>codeigniter</name> | ||||
| <range><lt>3.1.3</lt></range> | <range><lt>3.1.3</lt></range> | ||||
| </package> | </package> | ||||
| </affects> | </affects> | ||||
| ▲ Show 20 Lines • Show All 32,759 Lines • Show Last 20 Lines | |||||