FreeBSD : typo3 -- Multiple vulernabilities in TYPO3 Core (48bcb4b2-e708-11e1-a59d-000d601460a4)

This script is Copyright (C) 2012-2013 Tenable Network Security, Inc.

Synopsis :

The remote FreeBSD host is missing one or more security-related

Description :

Typo Security Team reports :

It has been discovered that TYPO3 Core is vulnerable to Cross-Site
Scripting, Information Disclosure, Insecure Unserialize leading to
Arbitrary Code Execution.

TYPO3 Backend Help System - Due to a missing signature (HMAC) for a
parameter in the view_help.php file, an attacker could unserialize
arbitrary objects within TYPO3. We are aware of a working exploit,
which can lead to arbitrary code execution. A valid backend user login
or multiple successful cross site request forgery attacks are required
to exploit this vulnerability.

TYPO3 Backend - Failing to properly HTML-encode user input in several
places, the TYPO3 backend is susceptible to Cross-Site Scripting. A
valid backend user is required to exploit these vulnerabilities.

TYPO3 Backend - Accessing the configuration module discloses the
Encryption Key. A valid backend user with access to the configuration
module is required to exploit this vulnerability.

TYPO3 HTML Sanitizing API - By not removing several HTML5 JavaScript
events, the API method t3lib_div::RemoveXSS() fails to filter
specially crafted HTML injections, thus is susceptible to Cross-Site
Scripting. Failing to properly encode for JavaScript the API method
t3lib_div::quoteJSvalue(), it is susceptible to Cross-Site Scripting.

TYPO3 Install Tool - Failing to properly sanitize user input, the
Install Tool is susceptible to Cross-Site Scripting.

See also :

Solution :

Update the affected packages.

Risk factor :


Family: FreeBSD Local Security Checks

Nessus Plugin ID: 61557 ()

Bugtraq ID:


Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now