exploit the possibilities
Home Files News &[SERVICES_TAB]About Contact Add New

Secunia Security Advisory 34586

Secunia Security Advisory 34586
Posted Apr 6, 2009
Authored by Secunia | Site secunia.com

Secunia Security Advisory - A vulnerability has been reported in the Frontend User Registration extension for TYPO3, which can be exploited by malicious users to disclose sensitive information.

tags | advisory
SHA-256 | e44c0b696c2275f6fa6a1b83af4538ffc8edd5a6cd640cc44637b6e460c86963
Download | Favorite | View

Secunia Security Advisory 34586

Change Mirror Download
----------------------------------------------------------------------

Secunia is pleased to announce the release of the annual Secunia
report for 2008.

Highlights from the 2008 report:
 * Vulnerability Research
 * Software Inspection Results
 * Secunia Research Highlights
 * Secunia Advisory Statistics

Request the full 2008 Report here:
http://secunia.com/advisories/try_vi/request_2008_report/

Stay Secure,

Secunia


----------------------------------------------------------------------

TITLE:
TYPO3 Frontend User Registration Information Disclosure Vulnerability

SECUNIA ADVISORY ID:
SA34586

VERIFY ADVISORY:
http://secunia.com/advisories/34586/

DESCRIPTION:
A vulnerability has been reported in the Frontend User Registration
extension for TYPO3, which can be exploited by malicious users to
disclose sensitive information.

The vulnerability is caused due to insufficient access restrictions,
which can be exploited to disclose information (e.g. passwords) of
other frontend users.

Successful exploitation requires valid user access.

The vulnerability is reported in 2.5.20. Prior versions may also be
affected.

SOLUTION:
Update to version 2.5.21.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Thomas Renner and Christian Münch.

ORIGINAL ADVISORY:
http://typo3.org/teams/security/security-bulletins/typo3-sa-2009-004/

----------------------------------------------------------------------

About:
This Advisory was delivered by Secunia as a free service to help
everybody keeping their systems up to date against the latest
vulnerabilities.

Subscribe:
http://secunia.com/advisories/secunia_security_advisories/

Definitions: (Criticality, Where etc.)
http://secunia.com/advisories/about_secunia_advisories/


Please Note:
Secunia recommends that you verify all advisories you receive by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.

----------------------------------------------------------------------

Login or Register to add favorites

File Archive:

November 2024

  • Su
  • Mo
  • Tu
  • We
  • Th
  • Fr
  • Sa
  • 1
    Nov 1st
    30 Files
  • 2
    Nov 2nd
    0 Files
  • 3
    Nov 3rd
    0 Files
  • 4
    Nov 4th
    12 Files
  • 5
    Nov 5th
    44 Files
  • 6
    Nov 6th
    18 Files
  • 7
    Nov 7th
    9 Files
  • 8
    Nov 8th
    8 Files
  • 9
    Nov 9th
    3 Files
  • 10
    Nov 10th
    0 Files
  • 11
    Nov 11th
    0 Files
  • 12
    Nov 12th
    0 Files
  • 13
    Nov 13th
    0 Files
  • 14
    Nov 14th
    0 Files
  • 15
    Nov 15th
    0 Files
  • 16
    Nov 16th
    0 Files
  • 17
    Nov 17th
    0 Files
  • 18
    Nov 18th
    0 Files
  • 19
    Nov 19th
    0 Files
  • 20
    Nov 20th
    0 Files
  • 21
    Nov 21st
    0 Files
  • 22
    Nov 22nd
    0 Files
  • 23
    Nov 23rd
    0 Files
  • 24
    Nov 24th
    0 Files
  • 25
    Nov 25th
    0 Files
  • 26
    Nov 26th
    0 Files
  • 27
    Nov 27th
    0 Files
  • 28
    Nov 28th
    0 Files
  • 29
    Nov 29th
    0 Files
  • 30
    Nov 30th
    0 Files

Top Authors In Last 30 Days

File Tags

Systems

packet storm

© 2024 Packet Storm. All rights reserved.

Site Links
News by Month
News Tags
Files by Month
File Tags
File Directory
About Us
History & Purpose
Contact Information
Terms of Service
Privacy Statement
Copyright Information
Services
Security Services
Hosting By
Rokasec
close