Contributed by CVE references:
- missing input validation within /modules/Modules/pnadmin.php
- missing input validation within /includes/blocks/past.php
- missing output validation within /modules/Downloads/admin.php
- missing input validation within /modules/Downloads/dl-util.php
- missing input validation within /modules/Downloads/dl-search.php
- possible path disclosure within /modules/News/index.php
It is recommended that all admins do an immediate upgrade of their sites to v0.750 then apply the latest security fix package available from the locations listed below.
Please note the main package has been updated to include this advisory so there is no need to apply this patch if you have downloaded PostNuke after the date of this announcement.
1. PostNuke 0.750 (tar.gz format)
SIZE: 2410936 Bytes
MD5 checksum: dcb276fa0aae4e22764eb22fd66ccd09
SHA1 checksum: bc8c5ccde62312956f72a144e67efbf65bf82349
2. PostNuke 0.750 (zip format)
SIZE: 3408707 Bytes
MD5 checksum: f49e17d4040892634c53b9fb5afe650c
SHA1 checksum: 82590102de8b0171993eaf94cc73006ad84ae752
3. Security Fix (changed files only) for PostNuke 0.750 (tar.gz format)
SIZE: 26990 Bytes
MD5 checksum: 2e654367bda64f8e9944273991997068
SHA1 checksum: fde99e26357003a8fd36aa7fde0da2859dc2c0b5
4. Security Fix (changed files only) for PostNuke 0.750 (.zip format)
SIZE: 32088 Bytes
MD5 checksum: e8b118732f19aa55d80550f6fe4d0caa
SHA1 checksum: f018e4f1d5339dce4b6a8419ac98a555c89945a2
1. PostNuke 0.760RC3 (tar.gz format)
SIZE: 2936077 Bytes
MD5 checksum: FE0A655663073F9F68F878359CD459B3
SHA1 checksum: 7DCE900CE0B4A4940AB18143FE2B82FB526DBC89
2. PostNuke 0.760RC3 (zip format)
SIZE: 4265380 Bytes
MD5 checksum: c2cce796bbf803c7018fa2f4b2891c9f
SHA1 checksum: cb5dc8953a562bcf07bca392dcbe18009942e32c
Place the files contained in this patch into the appropriate PostNuke directory that replaces the current files because by doing this you are applying the security fix to the system fix and this is what is meant by "patching" your system.
If you would like to receive security updates in the future, please subscribe to the PostNuke security list.
SPECIAL NOTE FOR .760RC3
PostNuke .760RC3 is not recommended for production sites. If performing an upgrade to .760 please review manual.txt carefully. Many of the core system modules are upgraded in this release so the process needs to be followed exactly.
The exploits have been originally found by Maksymilian Arciemowicz from http://www.securityreason.com/ and were reported via security contact.
Andreas Krapohl <larsneo>, PostNuke Development Team
February 28th, 2005