SecurityTracker.com
Category:  Application (Generic)  >  PEAR Auth
Vendors:  PHP Group
PEAR Auth Input Validation Bugs Let Remote Users Falsify Authentication Credentials
SecurityTracker Alert ID:  1015666
SecurityTracker URL:  http://securitytracker.com/id?1015666
CVE Reference:  GENERIC-MAP-NOMATCH
Date:  Feb 22 2006
Impact:  Modification of authentication information, User access via network
Fix Available:  Yes   Vendor Confirmed:  Yes  
Version(s): 1.2 series prior to 1.2.4; 1.3 series prior to 1.3.0r4
Description:  A vulnerability was reported in PEAR::Auth. A remote user may be able to falsify authentication credentials.

Some of the PEAR::Auth storage container back ends do not properly validate user-supplied input before presenting it to the underlying authentication mechanism. A remote user can conduct injection attacks against that mechanism (for a container that builds a database query or a directory search filter from the supplied credentials, this is SQL or LDAP filter injection) to falsify authentication credentials. The advisory does not identify which containers are affected.

The vendor was notified on January 30, 2006.

Matt Van Gundy discovered this vulnerability.

Impact:  A remote user may be able to falsify authentication credentials against applications that use the affected library.
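The injection class the description refers to, modeled as an added example in Python with SQLite rather than PEAR::Auth's PHP. This is not the package's code, and the advisory does not say which containers or which queries were affected: the table layout, the MD5-hex password column and the `(uid=%s)` LDAP filter are assumptions chosen for the demonstration. The block shows a lookup that splices the username into the SQL text, the same lookup with a bound parameter and a constant-time hash comparison, and RFC 4515 escaping for a directory-backed container.

```python
"""Added illustration of credential-lookup injection (not PEAR::Auth code)."""
import hashlib
import hmac
import sqlite3

# Constructed sample credential store. The schema and the MD5-hex password
# column are assumptions for the demo, not PEAR::Auth's actual layout.
SAMPLE_USERS = [
    ("alice", hashlib.md5(b"correct horse battery").hexdigest()),
    ("bob", hashlib.md5(b"hunter2").hexdigest()),
]


def make_store():
    """Build an in-memory SQLite table holding the constructed sample users."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE auth (username TEXT PRIMARY KEY, password TEXT)")
    conn.executemany("INSERT INTO auth VALUES (?, ?)", SAMPLE_USERS)
    return conn


def vulnerable_login(conn, username, password):
    """Look the user up with the caller-supplied name spliced into the SQL text.

    Returns the authenticated username, or None. Only the password is hashed;
    the username reaches the query unvalidated, which is the injection point.
    """
    pw_hash = hashlib.md5(password.encode()).hexdigest()
    query = ("SELECT username FROM auth WHERE username = '%s' AND password = '%s'"
             % (username, pw_hash))
    row = conn.execute(query).fetchone()
    return row[0] if row else None


def hardened_login(conn, username, password):
    """Same lookup with a bound parameter and a constant-time hash comparison."""
    row = conn.execute("SELECT username, password FROM auth WHERE username = ?",
                       (username,)).fetchone()
    if row is None:
        return None
    pw_hash = hashlib.md5(password.encode()).hexdigest()
    if not hmac.compare_digest(row[1], pw_hash):
        return None
    return row[0]


# RFC 4515 escaping for the directory-backed case: a container that formats
# the username into a search filter such as "(uid=%s)" needs this first.
_LDAP_FILTER_ESCAPES = {"\\": r"\5c", "*": r"\2a", "(": r"\28", ")": r"\29", "\0": r"\00"}


def escape_ldap_filter_value(value):
    """Escape the characters that change the meaning of an LDAP filter."""
    return "".join(_LDAP_FILTER_ESCAPES.get(ch, ch) for ch in value)


def build_user_filter(username, escape=True):
    """Return the search filter for a username; escape=False reproduces the
    unvalidated pattern, where the user can close the filter and open another."""
    val = escape_ldap_filter_value(username) if escape else username
    return "(uid=%s)" % val


def demo():
    """Run both lookups against the sample store and return the outcomes."""
    conn = make_store()
    # The attacker knows only a username; the SQL comment marker discards
    # the password clause, so the vulnerable lookup returns alice without
    # her password.
    payload = "alice' --"
    return {
        "vulnerable_injected": vulnerable_login(conn, payload, "wrong"),
        "hardened_injected": hardened_login(conn, payload, "wrong"),
        "hardened_legit": hardened_login(conn, "alice", "correct horse battery"),
        "ldap_unescaped": build_user_filter("*)(uid=*", escape=False),
        "ldap_escaped": build_user_filter("*)(uid=*"),
    }


if __name__ == "__main__":
    for name, value in demo().items():
        print(name, "->", value)
```

The vulnerable lookup accepts `alice' --` with any password because the comment marker removes the password clause from the query; the parameterised version treats the same string as a literal username and finds no row. The unescaped LDAP filter `(uid=*)(uid=*)` likewise turns one username match into a wildcard, while the escaped filter matches only a user literally named `*)(uid=*`.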
Solution:  The vendor has issued fixed versions: 1.2.4 for the 1.2 series and 1.3.0r4 for the 1.3 series. They are available at:

http://pear.php.net/package/Auth/download

Vendor URL:  pear.php.net/package/Auth
Cause:  Input validation error
Underlying OS:  Linux (Any), UNIX (Any)
Reported By:  Matt Van Gundy <matt-spam@shekinahstudios.com>
Message History:   None.


 Source Message Contents

Date:  Tue, 21 Feb 2006 22:01:59 -0800
From:  Matt Van Gundy <matt@shekinahstudios.com>
Subject:  Multiple Injection Vulnerabilities in PHP PEAR::Auth Module


PRODUCT:
    PEAR::Auth Authentication Module Package
    http://pear.php.net/package/Auth

VERSIONS AFFECTED:
    All versions < 1.2.4
    1.3 series < 1.3.0r4

DESCRIPTION:
    Multiple injection vulnerabilities exist in the PEAR::Auth module.
    Some of the PEAR::Auth Container back ends do not fully validate
    input from the user before presenting it to the underlying
    authentication mechanisms.  This allows a malicious user to
    perform injection attacks against the underlying authentication
    mechanism in order to falsify authentication credentials.

TIMELINE:
    2006.01.30 - Vendor notified
    2006.02.08 - Other developers contacted
    2006.02.15 - Fix released
    2006.02.21 - Public disclosure to Bugtraq

DISCOVERED BY:
    Matt Van Gundy <matt-spam [at] shekinahstudios [dot] com>
                        ^^^^^ remove the -spam to get past my spamtrap



Copyright 2006, SecurityGlobal.net LLC