Opened 16 years ago

Closed 16 years ago

#731 closed Defect (fixed)

Boinc web components security issues

Reported by: gulftech
Owned by: davea
Priority: Critical
Milestone: Undetermined
Component: Web - Project
Version:
Keywords:
Cc: Pepo

Description

Hi guys,

I have found several security issues in the boinc web interface components. The issues range from cross site scripting, to sql injection, to arbitrary variable overwriting. These issues are present on the latest version of Boinc that I downloaded from the code repository last night.

Since these are security issues I would prefer to not post these issues in this bug report (and I don't see a mark as private option) but will talk about the issues in detail with any developer who would like to contact me (security [a.t] gulftech [d.o.t] org).

Otherwise I can post details here, but I would not want to do this unless you guys specifically asked me to.

Kind Regards,

James Bercegay

Change History (3)

comment:1 Changed 16 years ago by Ageless

Component: Undetermined → Web - Project
Owner: set to davea

comment:2 Changed 16 years ago by Pepo

Cc: Pepo added

I have no idea whether the changeset [15975] is independent, somehow related to this ticket, or even a direct response to it. I'm also aware of how dangerous it actually is to describe a list of security issues and simultaneously to list patches to close them.

OTOH possibly just doing so might convince some project admins to apply related patches to their systems (if they are at least fairly recent, otherwise the patches might not apply at all and the persons would just delay the fixing to "a more appropriate time").

Could you at least briefly describe the vulnerabilities and their possible effects? (Maybe at a later point, to give the prompt admins some necessary time to react.) It might explain some issues occasionally happening on some projects.

comment:3 Changed 16 years ago by Nicolas

Resolution: fixed
Status: new → closed

I think this was fixed in [15975] and others. David Anderson probably contacted gulftech privately.
