• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

kses Multiple Input Validation Vulnerabilities

Solution:
Reportedly, the kses project has been abandoned.

Fixes and advisories are available for several projects that incorporate vulnerable versions of kses. Please see the references for more information.


Ubuntu Ubuntu Linux 7.10 powerpc

• Ubuntu moodle_1.8.2-1ubuntu2.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/main/m/moodle/moodle_1.8.2-1ubu ntu2.1_all.deb

WordPress WordPress 2.1

• WordPress Wordpress 2.5
  http://wordpress.org/latest.tar.gz

Debian Linux 5.0 alpha

• Debian wordpress_2.5.1-11+lenny1_all.deb
  http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.5 .1-11+lenny1_all.deb

eGroupWare eGroupWare 1.2.106-2

• eGroupWare eGroupWare-1.4.003-2.tar.gz
  http://downloads.sourceforge.net/egroupware/eGroupWare-1.4.003-2.tar.g z?modtime=1205969346&big_mirror=1

Debian Linux 4.0 amd64

• Debian moodle_1.6.3-2+etch1_all.deb
  http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+e tch1_all.deb


• Debian wordpress_2.0.10-1etch4_all.deb
  http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.0 .10-1etch4_all.deb

Debian Linux 4.0 ia-32

• Debian moodle_1.6.3-2+etch1_all.deb
  http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+e tch1_all.deb


• Debian wordpress_2.0.10-1etch4_all.deb
  http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.0 .10-1etch4_all.deb

WordPress WordPress 2.0.10-RC2

• WordPress Wordpress 2.5
  http://wordpress.org/latest.tar.gz

Debian Linux 5.0 armel

• Debian wordpress_2.5.1-11+lenny1_all.deb
  http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.5 .1-11+lenny1_all.deb

Debian Linux 5.0 mips

• Debian wordpress_2.5.1-11+lenny1_all.deb
  http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.5 .1-11+lenny1_all.deb

Debian Linux 4.0 mips

• Debian moodle_1.6.3-2+etch1_all.deb
  http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+e tch1_all.deb


• Debian wordpress_2.0.10-1etch4_all.deb
  http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.0 .10-1etch4_all.deb

Debian Linux 5.0 sparc

• Debian wordpress_2.5.1-11+lenny1_all.deb
  http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.5 .1-11+lenny1_all.deb

Debian Linux 4.0 arm

• Debian moodle_1.6.3-2+etch1_all.deb
  http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+e tch1_all.deb


• Debian wordpress_2.0.10-1etch4_all.deb
  http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.0 .10-1etch4_all.deb

Debian Linux 4.0 powerpc

• Debian moodle_1.6.3-2+etch1_all.deb
  http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+e tch1_all.deb


• Debian wordpress_2.0.10-1etch4_all.deb
  http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.0 .10-1etch4_all.deb

Debian Linux 4.0 m68k

• Debian moodle_1.6.3-2+etch1_all.deb
  http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+e tch1_all.deb


• Debian wordpress_2.0.10-1etch4_all.deb
  http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.0 .10-1etch4_all.deb

Debian Linux 5.0 s/390

• Debian wordpress_2.5.1-11+lenny1_all.deb
  http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.5 .1-11+lenny1_all.deb

Ubuntu Ubuntu Linux 8.04 LTS lpia

• Ubuntu moodle_1.8.2-1ubuntu4.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/main/m/moodle/moodle_1.8.2-1ubu ntu4.1_all.deb

Ubuntu Ubuntu Linux 7.10 lpia

• Ubuntu moodle_1.8.2-1ubuntu2.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/main/m/moodle/moodle_1.8.2-1ubu ntu2.1_all.deb

WordPress WordPress 2.1.3-RC1

• WordPress Wordpress 2.5
  http://wordpress.org/latest.tar.gz

Debian Linux 5.0 hppa

• Debian wordpress_2.5.1-11+lenny1_all.deb
  http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.5 .1-11+lenny1_all.deb

Debian Linux 4.0 sparc

• Debian moodle_1.6.3-2+etch1_all.deb
  http://security.debian.org/pool/updates/main/m/moodle/moodle_1.6.3-2+e tch1_all.deb


• Debian wordpress_2.0.10-1etch4_all.deb
  http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.0 .10-1etch4_all.deb

Debian Linux 5.0 m68k

• Debian wordpress_2.5.1-11+lenny1_all.deb
  http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.5 .1-11+lenny1_all.deb

WordPress WordPress 2.2 Revision 5003

• WordPress Wordpress 2.5
  http://wordpress.org/latest.tar.gz

Ubuntu Ubuntu Linux 7.10 amd64

• Ubuntu moodle_1.8.2-1ubuntu2.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/main/m/moodle/moodle_1.8.2-1ubu ntu2.1_all.deb

Ubuntu Ubuntu Linux 8.04 LTS i386

• Ubuntu moodle_1.8.2-1ubuntu4.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/main/m/moodle/moodle_1.8.2-1ubu ntu4.1_all.deb

eGroupWare eGroupWare 1.2.107-2

• eGroupWare eGroupWare-1.4.003-2.tar.gz
  http://downloads.sourceforge.net/egroupware/eGroupWare-1.4.003-2.tar.g z?modtime=1205969346&big_mirror=1

Debian Linux 5.0 ia-64

• Debian wordpress_2.5.1-11+lenny1_all.deb
  http://security.debian.org/pool/updates/main/w/wordpress/wordpress_2.5 .1-11+lenny1_all.deb

Ubuntu Ubuntu Linux 8.04 LTS powerpc

• Ubuntu moodle_1.8.2-1ubuntu4.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/main/m/moodle/moodle_1.8.2-1ubu ntu4.1_all.deb

Ubuntu Ubuntu Linux 8.04 LTS sparc

• Ubuntu moodle_1.8.2-1ubuntu4.1_all.deb
  http://security.ubuntu.com/ubuntu/pool/main/m/moodle/moodle_1.8.2-1ubu ntu4.1_all.deb

WordPress WordPress 0.7

• WordPress Wordpress 2.5
  http://wordpress.org/latest.tar.gz

eGroupWare eGroupWare 1.0 .0.007

• eGroupWare eGroupWare-1.4.003-2.tar.gz
  http://downloads.sourceforge.net/egroupware/eGroupWare-1.4.003-2.tar.g z?modtime=1205969346&big_mirror=1

eGroupWare eGroupWare 1.0.1

• eGroupWare eGroupWare-1.4.003-2.tar.gz
  http://downloads.sourceforge.net/egroupware/eGroupWare-1.4.003-2.tar.g z?modtime=1205969346&big_mirror=1

eGroupWare eGroupWare 1.0.3

• eGroupWare eGroupWare-1.4.003-2.tar.gz
  http://downloads.sourceforge.net/egroupware/eGroupWare-1.4.003-2.tar.g z?modtime=1205969346&big_mirror=1

eGroupWare eGroupWare 1.0.6

• eGroupWare eGroupWare-1.4.003-2.tar.gz
  http://downloads.sourceforge.net/egroupware/eGroupWare-1.4.003-2.tar.g z?modtime=1205969346&big_mirror=1

WordPress WordPress 1.2

• WordPress Wordpress 2.5
  http://wordpress.org/latest.tar.gz

WordPress WordPress 1.2.1

• WordPress Wordpress 2.5
  http://wordpress.org/latest.tar.gz

WordPress WordPress 1.2.2

• WordPress Wordpress 2.5
  http://wordpress.org/latest.tar.gz

Moodle moodle 1.3

• Moodle moodle-1.9.tgz
  http://download.moodle.org/download.php/stable19/moodle-1.9.tgz

WordPress WordPress 1.3.1

• WordPress Wordpress 2.5
  http://wordpress.org/latest.tar.gz

Moodle moodle 1.3.2

• Moodle moodle-1.9.tgz
  http://download.moodle.org/download.php/stable19/moodle-1.9.tgz

Moodle moodle 1.3.3

• Moodle moodle-1.9.tgz
  http://download.moodle.org/download.php/stable19/moodle-1.9.tgz

Moodle moodle 1.3.4

• Moodle moodle-1.9.tgz
  http://download.moodle.org/download.php/stable19/moodle-1.9.tgz

Moodle moodle 1.4.1

• Moodle moodle-1.9.tgz
  http://download.moodle.org/download.php/stable19/moodle-1.9.tgz

eGroupWare eGroupWare 1.4.1

• eGroupWare eGroupWare-1.4.003-2.tar.gz
  http://downloads.sourceforge.net/egroupware/eGroupWare-1.4.003-2.tar.g z?modtime=1205969346&big_mirror=1

eGroupWare eGroupWare 1.4.2

• eGroupWare eGroupWare-1.4.003-2.tar.gz
  http://downloads.sourceforge.net/egroupware/eGroupWare-1.4.003-2.tar.g z?modtime=1205969346&big_mirror=1

Moodle moodle 1.4.2

• Moodle moodle-1.9.tgz
  http://download.moodle.org/download.php/stable19/moodle-1.9.tgz

Moodle moodle 1.5

• Moodle moodle-1.9.tgz
  http://download.moodle.org/download.php/stable19/moodle-1.9.tgz

Moodle moodle 1.5.1

• Moodle moodle-1.9.tgz
  http://download.moodle.org/download.php/stable19/moodle-1.9.tgz

WordPress WordPress 1.5.1

• WordPress Wordpress 2.5
  http://wordpress.org/latest.tar.gz

WordPress WordPress 1.5.1 .2

• WordPress Wordpress 2.5
  http://wordpress.org/latest.tar.gz

WordPress WordPress 1.5.2

• WordPress Wordpress 2.5
  http://wordpress.org/latest.tar.gz

Moodle moodle 1.5.2

• Moodle moodle-1.9.tgz
  http://download.moodle.org/download.php/stable19/moodle-1.9.tgz

BEA Systems Weblogic Proxy Plugin 1.5.3 +

• Moodle moodle-1.9.tgz
  http://download.moodle.org/download.php/stable19/moodle-1.9.tgz

Moodle moodle 1.6 dev

• Moodle moodle-1.9.tgz
  http://download.moodle.org/download.php/stable19/moodle-1.9.tgz

Moodle moodle 1.6.1

• Moodle moodle-1.9.tgz
  http://download.moodle.org/download.php/stable19/moodle-1.9.tgz

Moodle moodle 1.6.2

• Moodle moodle-1.9.tgz
  http://download.moodle.org/download.php/stable19/moodle-1.9.tgz

Moodle moodle 1.8.3

• Moodle moodle-1.9.tgz
  http://download.moodle.org/download.php/stable19/moodle-1.9.tgz

Dokeos Open Source Learning & Knowledge Management Tool 1.8.4 SP2

• Dokeos dokeos-1.8.4-SP3.zip
  http://www.dokeos.com/download/dokeos-1.8.4-SP3.zip

Dokeos Open Source Learning & Knowledge Management Tool 1.8.4

• Dokeos dokeos-1.8.4-SP3.zip
  http://www.dokeos.com/download/dokeos-1.8.4-SP3.zip

WordPress WordPress 2.0

• WordPress Wordpress 2.5
  http://wordpress.org/latest.tar.gz

WordPress WordPress 2.0.1

• WordPress Wordpress 2.5
  http://wordpress.org/latest.tar.gz

WordPress WordPress 2.0.11

• WordPress Wordpress 2.5
  http://wordpress.org/latest.tar.gz

WordPress WordPress 2.0.3

• WordPress Wordpress 2.5
  http://wordpress.org/latest.tar.gz

WordPress WordPress 2.0.5

• WordPress Wordpress 2.5
  http://wordpress.org/latest.tar.gz

WordPress WordPress 2.1.1

• WordPress Wordpress 2.5
  http://wordpress.org/latest.tar.gz

WordPress WordPress 2.1.2

• WordPress Wordpress 2.5
  http://wordpress.org/latest.tar.gz

WordPress WordPress 2.2.1

• WordPress Wordpress 2.5
  http://wordpress.org/latest.tar.gz

WordPress WordPress 2.3.1

• WordPress Wordpress 2.5
  http://wordpress.org/latest.tar.gz

MandrakeSoft Corporate Server 3.0

• Mandriva egroupware-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-addressbook-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-backup-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-bookmarks-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-calendar-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-comic-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-developer_tools-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-email-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-emailadmin-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-etemplate-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-felamimail-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-filemanager-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-forum-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-ftp-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-fudforum-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-headlines-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-infolog-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-jinn-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-messenger-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-news_admin-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-phpbrain-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-phpldapadmin-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-phpsysinfo-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-polls-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-projects-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-registration-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-sitemgr-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-skel-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-stocks-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-tts-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/


• Mandriva egroupware-wiki-1.0-0.RC3.1.2.C30mdk.noarch.rpm
  http://www.mandriva.com/en/download/