#1

    Zero-Day XSS Security Fix (applies to all versions)

    We recently released a security patch to address an XSS vulnerability with the admin login page. Zen Cart takes security very seriously, and in addition to responding to published security alerts as quickly as possible, we also try where we can to preempt those people that attempt to use published vulnerabilities to craft new hacks.

    As such, and after a review of Admin code, and on a zero-day basis we are releasing a patch to admin code that addresses (so far unpublished) possible XSS vulnerabilities in Zen Cart.

    The patch instructions are shown below.
    A zip of this changed file will be posted on SourceForge shortly.

    v1.3.6 and newer ... already has these fixes built-in.
    v1.3.5 -- this patch has been added to the list of released files here:
    http://sourceforge.net/project/showf...ease_id=444622

    For older releases:
    For v1.3.0.x the fixes are the same for each:
    V1.3.0.2 http://sourceforge.net/project/showf...ease_id=426669
    V1.3.0.1 http://sourceforge.net/project/showf...ease_id=412075
    V1.3.0.0 http://sourceforge.net/project/showf...ease_id=405704

    For v1.2.x the fixes are the same for each 1.2.x edition:
    V1.2.7 http://sourceforge.net/project/showf...ease_id=392886
    V1.2.6 http://sourceforge.net/project/showf...ease_id=350699

    Older v1.2.x releases: http://sourceforge.net/project/showf...kage_id=125709

    For versions prior to v1.2.4 -- please upgrade or apply the patches manually by merging changed files from a newer release.


    ================================
    Today's XSS fix announcement can be implemented manually as follows:

    V1.3.x
    At the bottom of /admin/includes/init_includes/init_general_funcs.php
    add the following code before the closing ?>
    Code:
    //-----------------
    // Strip HTML tags from every $_GET value. The helper recurses because strip_tags()
    // accepts only strings, and ?a[]=1 style parameters arrive as arrays (it would
    // otherwise warn and null them). zen_strip_tags_deep is a helper name chosen here.
    function zen_strip_tags_deep($value) {
      return is_array($value) ? array_map('zen_strip_tags_deep', $value) : strip_tags($value);
    }
    if (isset($_GET) && sizeof($_GET) > 0) {   // logical '&&'; the original line used the bitwise '&'
      foreach ($_GET as $key => $value) {
        $_GET[$key] = zen_strip_tags_deep($value);
      }
    }
    //-----------------
    V1.2.x
    Create a new file:
    /admin/includes/functions/extra_functions/sanitize_against_xss.php
    Containing the following code:
    Code:
    <?php
    /**
     * @package admin
     * @copyright Copyright 2003-2006 Zen Cart Development Team
     * @license http://www.zen-cart.com/license/2_0.txt GNU Public License V2.0
     * @version $Id: sanitize_against_xss.php 4682 2006-10-06 20:52:56Z wilt $
     */
    // Strip HTML tags from every $_GET value. The helper recurses because strip_tags()
    // accepts only strings, and ?a[]=1 style parameters arrive as arrays (it would
    // otherwise warn and null them). zen_strip_tags_deep is a helper name chosen here.
    function zen_strip_tags_deep($value) {
      return is_array($value) ? array_map('zen_strip_tags_deep', $value) : strip_tags($value);
    }
    if (isset($_GET) && sizeof($_GET) > 0) {   // logical '&&'; the original line used the bitwise '&'
      foreach ($_GET as $key => $value) {
        $_GET[$key] = zen_strip_tags_deep($value);
      }
    }
    ?>
    (Be sure not to have any blank lines after the closing ?> )
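
As an added example, not part of the post above and not Zen Cart's own code, the script below feeds a few constructed query-string values through the same strip_tags() filter the patch applies to $_GET and prints what comes out, with htmlspecialchars() output encoding shown beside it for comparison. The helper name patch_strip_tags_deep(), the parameter names and the sample payloads are all assumptions made for this example.

```php
<?php
// Added example, not Zen Cart code: runs constructed query-string values through the
// strip_tags() filter the patch applies to $_GET, and shows output encoding beside it.
// patch_strip_tags_deep() is a helper name chosen for this example.

function patch_strip_tags_deep($value) {
    // strip_tags() accepts only strings, so recurse into array parameters (?a[]=1)
    if (is_array($value)) {
        return array_map('patch_strip_tags_deep', $value);
    }
    return strip_tags((string) $value);
}

// Constructed samples, as PHP would present them in $_GET after URL decoding.
$samples = array(
    'script_tag' => '<script>alert(1)</script>',
    'img_tag'    => '<img src=x onerror=alert(1)>',
    'attr_break' => '" onmouseover="alert(1)',   // contains no '<' or '>' at all
    'js_scheme'  => 'javascript:alert(1)',         // only meaningful inside an href or src
    'nested'     => array('<b>x</b>', array('<i>y</i>')),
);

foreach ($samples as $name => $raw) {
    $filtered = patch_strip_tags_deep($raw);
    echo $name, "\n";
    echo "  raw:              ", json_encode($raw), "\n";
    echo "  strip_tags:       ", json_encode($filtered), "\n";
    if (is_string($raw)) {
        // Output-time encoding turns <, >, &, " and ' into entities, so the value
        // cannot break out of HTML text or a quoted attribute whatever the input filter did.
        echo "  htmlspecialchars: ", htmlspecialchars($raw, ENT_QUOTES, 'UTF-8'), "\n";
    }
}
```

Run it with the php command-line binary. strip_tags() removes whatever parses as a tag, so the two tag samples lose their markup, but a value with no angle brackets passes through unchanged; whether that is harmless depends on the context the admin page echoes it into (HTML text, an attribute, a URL), which an input filter cannot know. That is why the patch is best read as a stop-gap applied on input, with htmlspecialchars() at the point of output as the control that actually prevents XSS, and why the recursion matters: without it, array-valued parameters would not be filtered at all.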

#2

    Re: v1.3.5 zero-day security fix

    Just wanted to say thanks to drbyte for putting the patch file together, and for helping in phrasing this release.
