Issue Details (XML | Word | Printable)

Key: CONF-10289
Type: Bug Bug
Status: Resolved Resolved
Resolution: Fixed
Priority: Blocker Blocker
Assignee: Paul Curren [Atlassian]
Reporter: Mary Johnson
Votes: 0
Watchers: 0
Operations

If you were logged in you would be able to see more operations.
Confluence

Security vulnerability with Dashboard spacesSelectedTab

Created: 19/Dec/07 08:16 AM   Updated: 05/Mar/08 12:05 AM
Component/s: Dashboard, Security
Affects Version/s: 2.6-dr1, 2.6.0, 2.6.1, 2.6.2, 2.7
Fix Version/s: 2.7.1

Time Tracking:
Not Specified

File Attachments: 1. Microsoft Word Appscan_highalert.rtf (6 kB)
2. File RecentlyUpdatedContentMacro-2.6.diff (1 kB)
3. File RecentlyUpdatedContentMacro.class (18 kB)
4. File RecentlyUpdatedContentMacro.class (18 kB)
Environment: RHEL 4 64-bit, jdk1.5.0_10, Confluence Standalone

Participants: Dave Loeng [Atlassian], Mary Johnson and Paul Curren [Atlassian]
Since last comment: 26 weeks, 5 days ago
Resolution Date: 23/Dec/07 10:51 PM
Labels:


 Description  « Hide
Our security team has reported the following vulnerability, which must be resolved for us to use the application.

> Severity: High
> Test Type: Application
> Vulnerable URL: https://gforgewiki.nci.nih.gov/dashboard.action
> (Parameter =
> spacesSelectedTab)
> Remediation Tasks: Filter out hazardous characters from user input

 All   Comments   Work Log   Change History      Sort Order: Ascending order - Click to sort in descending order
[ Permlink | « Hide ]
Paul Curren [Atlassian] added a comment - 23/Dec/07 07:59 PM
Fix has been merged to 2.7.1 release.
Patches for 2.6.2 and 2.7 will be created shortly.

[ Permlink | « Hide ]
Paul Curren [Atlassian] added a comment - 23/Dec/07 10:50 PM
The attached class files can be used to patch a 2.6.2 Confluence instance or a 2.7 install. When 2.7.1 is released it will include the fix.

The patch for Confluence 2.6.2 is the attachment called RecentlyUpdatedContentMacro.class which is dated 23rd December, 10:38pm. The md5 checksum is 62bbd048b7f8c3219edef3d976c55cf8
The patch for Confluence 2.7 is the attachment called RecentlyUpdatedContentMacro.class which is dated 23rdrd December 10:28pm. The md5 checksum is 2249097a8bbd21d67e5fe2ff9ae91a9d

In each case the install instructions are -

  1. Within your confluence installation, at confluence/WEB-INF/classes create the directory com/atlassian/confluence/renderer/radeox/macros.
  2. Copy the appropriate class file to this newly created directory.
  3. Restart Confluence.

[ Permlink | « Hide ]
Dave Loeng [Atlassian] added a comment - 05/Mar/08 12:05 AM
This issue only affects Confluence version 2.6 and 2.7. Customers using earlier versions need not worry about this vulnerability.


Powered by Atlassian JIRA the Professional Issue Tracker. (Enterprise Edition, Version: 3.13-#330) - Bug/feature request - Atlassian news - Contact Administrators