SQL Injection in system extension indexed_search

2007-12-10T00:00:00
ID TYPO3-20071210-1
Type typo3
Reporter TYPO3 Association
Modified 2007-12-10T00:00:00

Description

It has been discovered that the system extension indexed_search is vulnerable to a SQL Injection flaw.

Component Type: System extension, part of the TYPO3 default installation.

Affected Versions: TYPO3 versions 3.x, 4.0 to 4.0.7, 4.1 to 4.1.3.

Vulnerability Type: SQL Injection.

Severity: Low.

Problem Description:
The system extension indexed_search is vulnerable to a SQL Injection. To exploit this flaw it is necessary to be a logged-on backend user.
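To illustrate the class of flaw this bulletin describes, the following Python snippet is an added example and is not code from indexed_search or any other part of TYPO3. It assumes a constructed in-memory SQLite table (`index_words`) standing in for a search index, and shows the same word lookup built by string concatenation and by parameter binding, so the difference in behaviour on a tampered search term is visible.

```python
import sqlite3


def make_index():
    # Constructed sample index; the table name and columns are assumptions
    # for this example, not indexed_search's real schema.
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE index_words (wid INTEGER PRIMARY KEY, baseword TEXT)"
    )
    conn.executemany(
        "INSERT INTO index_words (baseword) VALUES (?)",
        [("typo3",), ("security",), ("bulletin",)],
    )
    conn.commit()
    return conn


def lookup_vulnerable(conn, word):
    # User-controlled text is spliced straight into the SQL statement, so a
    # quote character in `word` changes the structure of the query.
    sql = "SELECT baseword FROM index_words WHERE baseword = '" + word + "'"
    return [row[0] for row in conn.execute(sql)]


def lookup_hardened(conn, word):
    # The search term travels as a bound parameter: the database treats it as
    # data only, never as part of the statement, whatever characters it holds.
    sql = "SELECT baseword FROM index_words WHERE baseword = ?"
    return [row[0] for row in conn.execute(sql, (word,))]


def compare(conn, word):
    # Run both variants on the same input and return the result sets side by
    # side; a mismatch means the concatenated query was restructured.
    return {
        "vulnerable": sorted(lookup_vulnerable(conn, word)),
        "hardened": sorted(lookup_hardened(conn, word)),
    }


if __name__ == "__main__":
    db = make_index()
    print(compare(db, "typo3"))
    # A normal term behaves identically in both variants; a term containing a
    # quote makes the concatenated version return every row.
    print(compare(db, "x' OR '1'='1"))
```

Only the query built from bound parameters keeps the search term as data; the concatenated version is the pattern the advisory's "update to a fixed version" solution removes.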

Solution:
If you use TYPO3 4.1.x, update to TYPO3 version 4.1.4 or later.
If you use TYPO3 3.x or 4.0.x, update to TYPO3 version 4.0.8 or later.

General advice:
Download the latest version of TYPO3 here.
Further information regarding SQL Injections can be found at Wikipedia.
Follow the recommendations that are given in the TYPO3 Security Cookbook.
Check the TYPO3 security bulletin page frequently for updates. The page is located at http://typo3.org/teams/security/security-bulletins/.

Credits: Credits go to Henning Pingel, who discovered the issue, and Andreas Otto, who supplied a patch for this issue.