FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

postfixadmin -- Multiple Vulnerabilities

Affected packages
postfixadmin < 2.3.5

Details

VuXML ID: 93688f8f-4935-11e1-89b4-001ec9578670
Discovery: 2012-01-27
Entry: 2012-01-27

The Postfix Admin Team reports:

Multiple XSS vulnerabilities exist:
- XSS with $_GET[domain] in templates/menu.php and edit-vacation
- XSS in some create-domain input fields
- XSS in create-alias and edit-alias error message
- XSS (by values stored in the database) in fetchmail list view, list-domain and list-virtual

Multiple SQL injection issues exist:
- SQL injection in pacrypt() (if $CONF[encrypt] == 'mysql_encrypt')
- SQL injection in backup.php - the dump was not mysql_escape()d, therefore users could inject SQL (for example in the vacation message) which will be executed when restoring the database dump. WARNING: database dumps created with backup.php from 2.3.4 or older might contain malicious SQL. Double-check before using them!
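The backup.php issue above is a reminder that a database dump is itself SQL that will be executed on restore, so every value written into it must be quoted like any other SQL literal. The following is an added example, not PostfixAdmin's code: it contrasts a dump writer that concatenates values unescaped (the pattern the report describes) with one that escapes them, restores both into a throwaway SQLite database, and checks whether the restore reproduces exactly the rows that were dumped, which is the kind of "double-check before using them" the report recommends. The table name, the sample rows and the use of SQLite instead of MySQL are assumptions for illustration; a MySQL dump should use mysql_real_escape_string(), which also handles backslashes and NUL bytes.

```python
import sqlite3

# Constructed sample rows. The second vacation message contains quote
# characters and SQL-looking text, as a user could store through the web UI.
ROWS = [
    ("alice@example.org", "Out of office until Monday"),
    ("bob@example.org",
     "away'); INSERT INTO vacation VALUES ('x@example.org','injected'); --"),
]


def naive_dump(rows):
    """Write INSERT statements by concatenating values unescaped.

    This is the pre-2.3.5 pattern described in the report: whatever a user
    stored in the database is emitted verbatim inside the quotes.
    """
    return "\n".join(
        f"INSERT INTO vacation VALUES ('{email}','{body}');"
        for email, body in rows
    )


def sql_escape(value):
    """Escape a string for use inside single quotes in a SQLite literal.

    Doubling the single quote is the SQL standard rule and is sufficient for
    SQLite; for MySQL use mysql_real_escape_string() instead (assumption:
    SQLite is used here only so the example runs offline).
    """
    return value.replace("'", "''")


def escaped_dump(rows):
    """Write INSERT statements with every value escaped."""
    return "\n".join(
        f"INSERT INTO vacation VALUES ('{sql_escape(email)}','{sql_escape(body)}');"
        for email, body in rows
    )


def restore(dump_text):
    """Restore a dump into a fresh in-memory database and return its rows.

    executescript() runs every statement in the text, exactly as a restore
    would, so any statement smuggled into a value is executed too.
    """
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE vacation (email TEXT, body TEXT)")
    conn.executescript(dump_text)
    try:
        return conn.execute(
            "SELECT email, body FROM vacation ORDER BY email"
        ).fetchall()
    finally:
        conn.close()


def verify_restore(rows, dump_text):
    """Return True if restoring the dump yields exactly the dumped rows.

    A mismatch (extra rows, or a value that came back truncated) means the
    dump text contained statements that were not part of the original data.
    """
    return restore(dump_text) == sorted(rows)


if __name__ == "__main__":
    for name, dump in (("naive", naive_dump(ROWS)), ("escaped", escaped_dump(ROWS))):
        restored = restore(dump)
        print(f"{name}: {len(restored)} rows after restore, "
              f"consistent={verify_restore(ROWS, dump)}")
```

Run as a script, the naive dump restores to three rows (the smuggled INSERT ran and bob's message was cut at the first quote), while the escaped dump restores to the two original rows with bob's message intact. The same comparison can be applied to an existing dump from 2.3.4 or older before trusting it: restore into a scratch database and compare row by row against the live one.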

References

CVE Name: CVE-2012-0811
CVE Name: CVE-2012-0812
URL: http://sourceforge.net/projects/postfixadmin/forums/forum/676076/topic/4977778