diff options
| author | Morris Jobke <hey@morrisjobke.de> | 2019-07-26 14:37:18 +0300 |
|---|---|---|
| committer | Morris Jobke <hey@morrisjobke.de> | 2019-07-26 14:37:18 +0300 |
| commit | db83d92b6f77dbebdce3de45b03a58436e803c09 (patch) | |
| tree | efee88fb367db6282c108859bce6649bc1c802d5 /advisories | |
| parent | 61d3eb4d1c8d8b55d3bc9a66ac02dc14b3e209cd (diff) | |
Add lookup server advisory
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
Diffstat (limited to 'advisories')
| -rw-r--r-- | advisories/advisories.rss | 6 | ||||
| -rw-r--r-- | advisories/full-list.php | 5 | ||||
| -rw-r--r-- | advisories/nc-sa-2019-010.php | 34 |
3 files changed, 45 insertions, 0 deletions
diff --git a/advisories/advisories.rss b/advisories/advisories.rss index 6a3d1607..f211b04e 100644 --- a/advisories/advisories.rss +++ b/advisories/advisories.rss @@ -11,6 +11,12 @@ <guid isPermaLink="true">https://nextcloud.com/security/advisory/?id=nC-SA-2019-011</guid> <pubDate>Fri, 26 Jul 2019 12:00:00 +0200</pubDate> </item><item> + <title>lookup-server: SQL Injection in lookup-server (NC-SA-2019-010)</title> + <description>Improper sanitation of user input allowed any unauthenticated user to perform SQL injection attacks.<br/><hr/><p><strong><a href="https://nextcloud.com/security/advisory/?id=nC-SA-2019-010">For more information please consult the official advisory.</a></strong></p></description> + <link>https://nextcloud.com/security/advisory/?id=nC-SA-2019-010</link> + <guid isPermaLink="true">https://nextcloud.com/security/advisory/?id=nC-SA-2019-010</guid> + <pubDate>Fri, 26 Jul 2019 12:00:00 +0200</pubDate> + </item><item> <title>Mobile App: Improper sanitization of HTML in directory names (NC-SA-2019-009)</title> <description><p>Some basic HTML tags were rendered as Markup in directory names.</p><br/><hr/><p><strong><a href="https://nextcloud.com/security/advisory/?id=nC-SA-2019-009">For more information please consult the official advisory.</a></strong></p></description> <link>https://nextcloud.com/security/advisory/?id=nC-SA-2019-009</link> diff --git a/advisories/full-list.php b/advisories/full-list.php index 5ccf26a4..ab8355a4 100644 --- a/advisories/full-list.php +++ b/advisories/full-list.php @@ -29,6 +29,11 @@ <li><a href="/security/advisory/?id=NC-SA-2019-005">SQL injection in Android app content provider (NC-SA-2019-005)</a> 2019-07-26</li> </ul> +<h3>lookup-server 0.3.0</h3> +<ul> + <li><a href="/security/advisory/?id=NC-SA-2019-010">SQL Injection in lookup-server (NC-SA-2019-010)</a> 2019-07-26</li> +</ul> + <h3>Nextcloud Server 15.0.1</h3> <ul> <li><a href="/security/advisory/?id=NC-SA-2019-001">Classification of calendar events is ignored by the activity stream (NC-SA-2019-001)</a> 2019-04-12</li> diff --git a/advisories/nc-sa-2019-010.php b/advisories/nc-sa-2019-010.php new file mode 100644 index 00000000..90678881 --- /dev/null +++ b/advisories/nc-sa-2019-010.php @@ -0,0 +1,34 @@ +<div class="row page-content-header"> +<div class="col-md-12"> + <h1>Security Advisory</h1> + <a href="/security/advisories/">Back to advisories</a> +</div> +</div> +<div class="row"> + <div class="col-md-12"> + <h2>SQL Injection in lookup-server (NC-SA-2019-010)</h2> + <p>26th July 2019</p> + <p>Risk level: <strong>Low</strong></p> + <p>CVSS v3 Base Score: 10 (<a href="https://www.first.org/cvss/calculator/3.0#CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N">AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N</a>)</p> + <p>CWE: <a href="https://cwe.mitre.org/data/definitions/89.html">SQL Injection (CWE-89)</a></p> + <p>HackerOne report: <a href="https://hackerone.com/reports/508487">508487</a></p> + <h3>Description</h3> + <p>Improper sanitation of user input allowed any unauthenticated user to perform SQL injection attacks.</p> + <h3>Affected Software</h3> + <ul> + <li>Nextcloud Lookup-server < <strong>0.3.0</strong> (CVE assignment pending)</li> + + </ul> + <h3>Action Taken</h3> + <p>The error has been fixed.</p> + <h3>Resolution</h3> + <p>It is recommended that all instances are upgraded to at least version 0.3.0.</p> + <h3>Acknowledgements</h3> + <p>The Nextcloud team thanks the following people for their research and responsible disclosure of the above advisory:</p> + <ul> + <li>Leon Klingele (security@leonklingele.de) - Vulnerability discovery and disclosure.</li> + </ul> + <br/> + <small style="color:grey">This advisory is licensed <a href="https://creativecommons.org/licenses/by-sa/4.0/">CC BY-SA 4.0</a>.</small> + </div> +</div> |