MDKSA-2005:212 - Updated egroupware packages to address phpldapadmin, phpsysinfo vulnerabilities

From: Mandriva Security Team (security_at_mandriva.com)
Date: 11/16/05

    To: bugtraq@securityfocus.com
    Date: Wed, 16 Nov 2005 12:21:00 -0700
    
    

    -----BEGIN PGP SIGNED MESSAGE-----
    Hash: SHA1

     _______________________________________________________________________
     
     Mandriva Linux Security Advisory MDKSA-2005:212
     http://www.mandriva.com/security/
     _______________________________________________________________________
     
     Package : egroupware
     Date : November 16, 2005
     Affected: Corporate 3.0
     _______________________________________________________________________
     
     Problem Description:
     
     Egroupware contains embedded copies of several PHP-based projects,
     including phpldapadmin and phpsysinfo.
     
     Phpldapadmin before 0.9.6c allows remote attackers to gain anonymous
     access to the LDAP server, even when disable_anon_bind is set, via an
     HTTP request to login.php with the anonymous_bind parameter set.
     (CAN-2005-2654)
     
     Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6
     and 0.9.7 allows remote attackers to read arbitrary files via a ..
     (dot dot) in the custom_welcome_page parameter. (CAN-2005-2792)
     
     PHP remote code injection vulnerability in welcome.php in phpLDAPadmin
     0.9.6 and 0.9.7 allows remote attackers to execute arbitrary PHP code
     via the custom_welcome_page parameter. (CAN-2005-2793)
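The two welcome.php issues above are one bug class seen twice: a request parameter is treated as a file path and ends up in an include. The following is an added illustration, not phpLDAPadmin's code; the template directory, file names, and the request array are assumed. It puts the vulnerable pattern beside a hardened one that allow-lists the selector and confines the resolved path with realpath().

```php
<?php
// Added illustration (not phpLDAPadmin's code) of the welcome.php bug class:
// a page selector taken from the request is used as a file path. Directory
// names, file names and the request shape are assumed.
declare(strict_types=1);

// Vulnerable pattern: the request value *is* the path. A value such as
// "../../../../etc/passwd" walks out of the template directory (the
// traversal in CAN-2005-2792), and when the result is fed to include() the
// file is parsed as PHP, which is how arbitrary code ends up running
// (CAN-2005-2793).
function resolveWelcomePageUnsafe(string $templateDir, array $request): string
{
    $page = $request['custom_welcome_page'] ?? 'default.html';
    return $templateDir . '/' . $page;          // later: include($path)
}

// Hardened pattern: the request may only pick a name from a fixed list, and
// the resolved file must still sit inside the template directory (realpath()
// collapses ".." components), so the check holds even if the allow-list is
// later edited carelessly.
function resolveWelcomePageSafe(string $templateDir, array $request): ?string
{
    $allowed = ['default.html', 'company.html'];
    $page = $request['custom_welcome_page'] ?? 'default.html';
    if (!is_string($page) || !in_array($page, $allowed, true)) {
        return null;                            // not on the allow-list: refuse
    }
    $base = realpath($templateDir);
    $path = realpath($templateDir . '/' . $page);
    if ($base === false || $path === false
        || strncmp($path, $base . DIRECTORY_SEPARATOR, strlen($base) + 1) !== 0) {
        return null;                            // resolved outside $templateDir
    }
    return $path;
}

// Constructed fixture: a throwaway template directory holding two pages.
$templateDir = sys_get_temp_dir() . '/welcome_demo_' . getmypid();
mkdir($templateDir);
file_put_contents($templateDir . '/default.html', "<p>Welcome</p>\n");
file_put_contents($templateDir . '/company.html', "<p>Company welcome page</p>\n");

// Constructed requests: one legitimate page name, one traversal attempt.
$requests = [
    ['custom_welcome_page' => 'company.html'],
    ['custom_welcome_page' => '../../../../etc/passwd'],
];
foreach ($requests as $request) {
    $safe = resolveWelcomePageSafe($templateDir, $request);
    printf("%-28s unsafe -> %s\n%-28s safe   -> %s\n\n",
        $request['custom_welcome_page'],
        resolveWelcomePageUnsafe($templateDir, $request),
        '', $safe ?? 'REFUSED (not on allow-list or outside template dir)');
}

// Remove the fixture again.
unlink($templateDir . '/default.html');
unlink($templateDir . '/company.html');
rmdir($templateDir);
```

Run it with `php welcome_demo.php`. The allow-list alone already stops both CAN-2005-2792 and CAN-2005-2793 for this parameter; the realpath() confinement is the second line of defence that also catches symlinks and future additions to the list, which is why the hardened function keeps both.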
     
     Maksymilian Arciemowicz discovered several cross site scripting issues
     in phpsysinfo, a PHP-based host information application.
     (CAN-2005-0869, CAN-2005-0870)
     
     Christopher Kunz discovered that phpsysinfo unconditionally overwrites
     its local variables and later trusts them, which could lead to the
     inclusion of arbitrary files. (CAN-2005-3347)
     
     Christopher Kunz discovered that user-supplied input in phpsysinfo is
     used unsanitised, allowing HTTP response splitting.
     (CAN-2005-3348)
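The two phpsysinfo issues just described (the unconditional variable overwrite in CAN-2005-3347 and the response splitting in CAN-2005-3348) are shown below in an added example that is not phpsysinfo's own code. The variable name `$lng`, the `lang/` file layout, the `page` parameter and the request arrays are all assumed. Each vulnerable function is paired with a hardened one.

```php
<?php
// Added illustration (not phpsysinfo's code) of the two bug classes in
// CAN-2005-3347 and CAN-2005-3348. Variable names ($lng), file names and
// the request shapes are assumed.
declare(strict_types=1);

// CAN-2005-3347 pattern: a default is set, then *every* request key is
// imported into the local scope, so a client can overwrite any variable the
// script later trusts, including one that becomes part of an include() path.
function languageFileUnsafe(array $request): string
{
    $lng = 'en';                 // sensible default...
    extract($request);           // ...silently replaced by a request key "lng"
    return "lang/{$lng}.php";    // ...and then trusted as part of a file path
}

// Hardened: read exactly the key you mean, keep the default in your own
// hands, and accept only values from a fixed set.
function languageFileSafe(array $request): string
{
    $known = ['en', 'de', 'fr'];
    $lng = $request['lng'] ?? 'en';
    if (!is_string($lng) || !in_array($lng, $known, true)) {
        $lng = 'en';
    }
    return "lang/{$lng}.php";
}

// CAN-2005-3348 pattern: a request value is copied into a response header.
// A CR/LF pair inside the value ends the header line, so the remainder of
// the value is read by the client as further headers (response splitting).
function locationHeaderUnsafe(array $request): string
{
    return 'Location: ' . ($request['page'] ?? 'index.php');
}

// Hardened: refuse any value carrying CR or LF before it gets near a header.
// (Current PHP makes header() itself reject embedded newlines; validating
// first keeps the guarantee independent of the interpreter version and
// covers headers emitted by other means.)
function locationHeaderSafe(array $request): ?string
{
    $page = $request['page'] ?? 'index.php';
    if (!is_string($page) || preg_match('/[\r\n]/', $page) === 1) {
        return null;             // header injection attempt: refuse
    }
    return 'Location: ' . $page;
}

// Constructed requests: a tampered language selector and a tampered page
// value carrying an embedded CR/LF.
$tamperedLng  = ['lng'  => '../../../../etc/passwd'];
$tamperedPage = ['page' => "index.php\r\nX-Injected: yes"];

echo "language file, unsafe: ", languageFileUnsafe($tamperedLng), "\n";
echo "language file, safe:   ", languageFileSafe($tamperedLng), "\n";
echo "header, unsafe:        ", json_encode(locationHeaderUnsafe($tamperedPage)), "\n";
echo "header, safe:          ", json_encode(locationHeaderSafe($tamperedPage)), "\n";
```

Run with `php phpsysinfo_demo.php`. The unsafe language function returns `lang/../../../../etc/passwd.php`, the safe one falls back to `lang/en.php`; the unsafe header function returns a string containing the literal `\r\n`, the safe one returns `null`. The same two fixes apply to the original register_globals setting that made the overwrite pattern common: never import request data into the local scope wholesale, and validate each header value before it leaves the application.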
     
     The updated packages have new versions of these subsystems to correct
     these issues.
     _______________________________________________________________________

     References:
     
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2654
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2792
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2793
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0869
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0870
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3347
     http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3348
     _______________________________________________________________________
     
     Updated Packages:
     
     Corporate 3.0:
     ede368f20b1e00144278800d3b6bf468 corporate/3.0/RPMS/egroupware-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     8260713a9c28f6f7c7b08630af98b80c corporate/3.0/RPMS/egroupware-addressbook-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     053e62d63d08566a51f5a4caed575920 corporate/3.0/RPMS/egroupware-backup-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     9d2a654955fd2dc83f965366a2af77a0 corporate/3.0/RPMS/egroupware-bookmarks-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     ee1d890db9e37afaa9ddd5caeab02223 corporate/3.0/RPMS/egroupware-calendar-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     26ecafedde93c891562ed679f833f1f0 corporate/3.0/RPMS/egroupware-comic-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     eecee2ff5e2c5beb36c4592235227d9d corporate/3.0/RPMS/egroupware-developer_tools-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     153f3f86f72b627c3f12eb44715a01fd corporate/3.0/RPMS/egroupware-email-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     3863031cfccf6ba411ae8965b4e13af0 corporate/3.0/RPMS/egroupware-emailadmin-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     260713edaf667a6c0af01afe5cf1276f corporate/3.0/RPMS/egroupware-etemplate-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     a3ae6cc7bbbb4fb5191f41a7e602741a corporate/3.0/RPMS/egroupware-felamimail-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     a95d31bb108a6126d3187af8c77c2164 corporate/3.0/RPMS/egroupware-filemanager-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     772a8690091f509727ef70f6b363d6bf corporate/3.0/RPMS/egroupware-forum-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     e97692f7a5c888e4ea1a86236c9bd124 corporate/3.0/RPMS/egroupware-ftp-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     c9a5f4a17bf1697e7eb5e1e6421a6ff3 corporate/3.0/RPMS/egroupware-fudforum-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     d8a9513798c91e6cbd39667fa04784ff corporate/3.0/RPMS/egroupware-headlines-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     87f25244c8af456bf43c66650dbc05e6 corporate/3.0/RPMS/egroupware-infolog-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     67fc3ed193d9e5a5b5e3d0ab4b3b21af corporate/3.0/RPMS/egroupware-jinn-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     0c4a7125fa56f7e2c62b37c0e9657fda corporate/3.0/RPMS/egroupware-messenger-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     7c59389b480bab742b74a7fa3c304e08 corporate/3.0/RPMS/egroupware-news_admin-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     ccc1a38a19f371b24014c078fd270640 corporate/3.0/RPMS/egroupware-phpbrain-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     4d08c9988a1a8b371dbb8e775f10ead5 corporate/3.0/RPMS/egroupware-phpldapadmin-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     49e15a21e9649192aec8a094fbd6ba23 corporate/3.0/RPMS/egroupware-phpsysinfo-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     449fc4f64a2684e801026551d10775a6 corporate/3.0/RPMS/egroupware-polls-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     84f495032f73864c1ca310a318837f31 corporate/3.0/RPMS/egroupware-projects-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     3db5f783dcda18436cbf518033f95be3 corporate/3.0/RPMS/egroupware-registration-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     e8113156f031a132f175176465203169 corporate/3.0/RPMS/egroupware-sitemgr-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     29d48e4fe5c5d1b94e59e0cc204e0543 corporate/3.0/RPMS/egroupware-skel-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     f6289361d472ea1ad5df3d7758f761be corporate/3.0/RPMS/egroupware-stocks-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     76a227fd0a41378068f50206988bede3 corporate/3.0/RPMS/egroupware-tts-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     ec29184df68cc2b948acab7c5f8aeeb9 corporate/3.0/RPMS/egroupware-wiki-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     5384f10de57e45eeb12a9dd327ee9c10 corporate/3.0/SRPMS/egroupware-1.0-0.RC3.1.1.C30mdk.src.rpm

     Corporate 3.0/X86_64:
     2f1b49e341d8edd6c1932003566ffc58 x86_64/corporate/3.0/RPMS/egroupware-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     6ccdd0eb824c3e33ec3d563faab7c3d0 x86_64/corporate/3.0/RPMS/egroupware-addressbook-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     d174b44005b42690b63f579fc52f25a5 x86_64/corporate/3.0/RPMS/egroupware-backup-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     7a373d4cd1164b9d224d4994660261be x86_64/corporate/3.0/RPMS/egroupware-bookmarks-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     c4c7ba83e63d4c020ab727489ca97cf1 x86_64/corporate/3.0/RPMS/egroupware-calendar-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     86c6438ad0ba2b49a6cf5ca620029061 x86_64/corporate/3.0/RPMS/egroupware-comic-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     d89f1c956c5e2cc42814a20acb290687 x86_64/corporate/3.0/RPMS/egroupware-developer_tools-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     adfbb36bfd59ce3a48dc56b921be2a54 x86_64/corporate/3.0/RPMS/egroupware-email-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     bfa26dd6790000f2d5ad73aff923a49e x86_64/corporate/3.0/RPMS/egroupware-emailadmin-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     413c4f14dab1ec459582e550184642e3 x86_64/corporate/3.0/RPMS/egroupware-etemplate-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     ef5067cae004fa45cd7bd7139120b889 x86_64/corporate/3.0/RPMS/egroupware-felamimail-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     f3deac45103897da4f179340270e4aad x86_64/corporate/3.0/RPMS/egroupware-filemanager-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     8062cb13302d80aa6bd4e88f9d979b1c x86_64/corporate/3.0/RPMS/egroupware-forum-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     f7937eb4df7f85c0fe8b379023f2c573 x86_64/corporate/3.0/RPMS/egroupware-ftp-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     eb8bbcc4b483e98945ee601b15ec7f7d x86_64/corporate/3.0/RPMS/egroupware-fudforum-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     db6def23bc1ff1b53dcadd2ffdd6a3d0 x86_64/corporate/3.0/RPMS/egroupware-headlines-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     1e6cc7a656c68a1ca62e31c12e893a3f x86_64/corporate/3.0/RPMS/egroupware-infolog-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     71c547730fcc2bc147443bfedee83d67 x86_64/corporate/3.0/RPMS/egroupware-jinn-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     c5bec11237069f31df19356273a04630 x86_64/corporate/3.0/RPMS/egroupware-messenger-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     447920d7c091917ddf6594748e259d61 x86_64/corporate/3.0/RPMS/egroupware-news_admin-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     42c4c60a10da6684116fd3b02015786f x86_64/corporate/3.0/RPMS/egroupware-phpbrain-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     cc3d269b9c4e0a9c0ba653d43f5e7b07 x86_64/corporate/3.0/RPMS/egroupware-phpldapadmin-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     234151d4addd9cc8d1ec9c8d3de20c19 x86_64/corporate/3.0/RPMS/egroupware-phpsysinfo-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     2d1ee394139ac708596205c94e6c7787 x86_64/corporate/3.0/RPMS/egroupware-polls-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     46ad113c5567a0eb11c5714b0d40d4af x86_64/corporate/3.0/RPMS/egroupware-projects-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     7eb518461ed5e14e30050a0029deff78 x86_64/corporate/3.0/RPMS/egroupware-registration-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     064cada6a43dca2b008667279fa49b77 x86_64/corporate/3.0/RPMS/egroupware-sitemgr-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     0b7e02fb4f16805917ab5bb38e413f46 x86_64/corporate/3.0/RPMS/egroupware-skel-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     e31a1d779b948888b6f8948fd62bf234 x86_64/corporate/3.0/RPMS/egroupware-stocks-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     bbbfa22769e23adb399ed087872cee89 x86_64/corporate/3.0/RPMS/egroupware-tts-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     98edc1ce7c21635f606c714d97c78501 x86_64/corporate/3.0/RPMS/egroupware-wiki-1.0-0.RC3.1.1.C30mdk.noarch.rpm
     5384f10de57e45eeb12a9dd327ee9c10 x86_64/corporate/3.0/SRPMS/egroupware-1.0-0.RC3.1.1.C30mdk.src.rpm
     _______________________________________________________________________

     To upgrade automatically use MandrivaUpdate or urpmi. The verification
     of md5 checksums and GPG signatures is performed automatically for you.

     All packages are signed by Mandriva for security. You can obtain the
     GPG public key of the Mandriva Security Team by executing:

      gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

     You can view other update advisories for Mandriva Linux at:

      http://www.mandriva.com/security/advisories

     If you want to report vulnerabilities, please contact

      security_(at)_mandriva.com
     _______________________________________________________________________

     Type Bits/KeyID Date User ID
     pub 1024D/22458A98 2000-07-10 Mandriva Security Team
      <security*mandriva.com>
    -----BEGIN PGP SIGNATURE-----
    Version: GnuPG v1.2.4 (GNU/Linux)

    iD8DBQFDe1tCmqjQ0CJFipgRAtnhAJ0VJ50Jhua84VoTWeZs22jIzi33eACgnwu3
    sRQYGhE96iex5ZIahGNH0Ww=
    =oEG9
    -----END PGP SIGNATURE-----


