Component Type: TYPO3 Core
Affected Versions: 4.2.0 - 4.2.17, 4.3.0 - 4.3.13, 4.4.0 - 4.4.10 and 4.5.0 - 4.5.5
Release Date: September 14, 2011
Vulnerable subcomponent: Caching System
Vulnerability Type: Improper error handling
Severity: Medium
Suggested CVSS v2.0: AV:N/AC:L/Au:N/C:N/I:N/A:P/E:U/RL:OF/RC:C (What's that?)
Problem Description: When configured to explicitly deny cache disabling through an URL parameter ($TYPO3_CONF_VARS['FE']['disableNoCacheParameter']), TYPO3 fails to disable caching when an invalid cache hash URL parameter (cHash) is provided. This allows an attacker to easily flood the caching tables of TYPO3.
Solution: Update to the TYPO3 versions 4.3.14, 4.4.11 or 4.5.6 that fix the problem described.
Credits: Credits go to Daniel Poetzinger who discovered and Core Team member Oliver Hader who reported the issue.
General advice: Follow the recommendations that are given in the TYPO3 Security Cookbook. Please subscribe to thetypo3-announce mailing list to receive future Security Bulletins via E-mail.