SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |   

SecurityTracker
Archives


 
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com





Category:   Application (Generic)  >   PHProjekt Vendors:   Guenther, Albrecht
(Gentoo Issues Fix) PHProjekt 'setup.php' Lets Remote Users Upload Files and Execute Commands
SecurityTracker Alert ID:  1012479
SecurityTracker URL:  http://securitytracker.com/id/1012479
CVE Reference:   GENERIC-MAP-NOMATCH   (Links to External Site)
Date:  Dec 11 2004
Impact:   Execution of arbitrary code via network, Modification of user information, User access via network
Fix Available:  Yes  Vendor Confirmed:  Yes  
Version(s): 4.2.1 and prior versions
Description:   A vulnerability was reported in PHProjekt in the setup files. A remote user can modify the configuration and execute arbitrary scripts and commands on the target system.

The vendor reported that a remote user can exploit 'setup.php' to upload and execute arbitrary PHP scripts, including operating system commands, with the privileges of the target web service.

The vendor credits Martin Munch of 'it.sec' with reporting this flaw.
Impact:   A remote user can execute arbitrary PHP scripts, including operating system commands, on the target system. The scripts will run with the privileges of the target web service.
Solution:   Gentoo has issued a fix and indicates that all PHProjekt users should upgrade to the latest version:

# emerge --sync
# emerge --ask --oneshot --verbose ">=www-apps/phprojekt-4.2-r1"
Vendor URL:  www.phprojekt.com/modules.php?op=modload&name=News&file=article&sid=189&mode=thread&order=0 (Links to External Site)
Cause:   Access control error
Underlying OS:   Linux (Gentoo)

Message History:   This archive entry is a follow-up to the message listed below.
Dec 1 2004 PHProjekt 'setup.php' Lets Remote Users Upload Files and Execute Commands


 Source Message Contents
Date:  Fri, 10 Dec 2004 22:54:02 +0100
Subject:  [Full-Disclosure] [ GLSA 200412-06 ] PHProjekt: setup.php vulnerability


This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
--------------enig97A3C94179701E64F04CE371
Content-Type: text/plain; charset=ISO-8859-1
Content-Transfer-Encoding: 7bit

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
Gentoo Linux Security Advisory                           GLSA 200412-06
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -
                                            http://security.gentoo.org/
- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

  Severity: Normal
     Title: PHProjekt: setup.php vulnerability
      Date: December 10, 2004
      Bugs: #73021
        ID: 200412-06

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Synopsis
========

PHProjekt contains a vulnerability in the setup procedure allowing
remote users without admin rights to change the configuration.

Background
==========

PHProjekt is a modular groupware web application used to coordinate
group activities and share files.

Affected packages
=================

    -------------------------------------------------------------------
     Package             /  Vulnerable  /                   Unaffected
    -------------------------------------------------------------------
  1  www-apps/phprojekt      < 4.2-r1                        >= 4.2-r1

Description
===========

Martin Muench, from it.sec, found a flaw in the setup.php file.

Impact
======

Successful exploitation of the flaw allows a remote attacker without
admin rights to make unauthorized changes to PHProjekt configuration.

Workaround
==========

As a workaround, you could replace the existing setup.php file in
PHProjekt root directory by the one provided on the PHProjekt Advisory
(see References).

Resolution
==========

All PHProjekt users should upgrade to the latest version:

    # emerge --sync
    # emerge --ask --oneshot --verbose ">=www-apps/phprojekt-4.2-r1"

References
==========

  [ 1 ] PHProjekt Advisory

http://www.phprojekt.com/modules.php?op=modload&name=News&file=article&sid=189&mode=thread&order=0

Availability
============

This GLSA and any updates to it are available for viewing at
the Gentoo Security Website:

  http://security.gentoo.org/glsa/glsa-200412-06.xml

Concerns?
=========

Security is a primary focus of Gentoo Linux and ensuring the
confidentiality and security of our users machines is of utmost
importance to us. Any security concerns should be addressed to
security@gentoo.org or alternatively, you may file a bug at
http://bugs.gentoo.org.

License
=======

Copyright 2004 Gentoo Foundation, Inc; referenced text
belongs to its owner(s).

The contents of this document are licensed under the
Creative Commons - Attribution / Share Alike license.

http://creativecommons.org/licenses/by-sa/2.0


--------------enig97A3C94179701E64F04CE371
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://enigmail.mozdev.org

iD8DBQFBuhsBvcL1obalX08RAsBnAJ45Ds7CcDN18xA4olyMrBdoXDTEuwCggKai
5O4wlC/G+PlrIABVDkSVxu4=
=qgqN
-----END PGP SIGNATURE-----

--------------enig97A3C94179701E64F04CE371--

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us

Copyright 2013, SecurityGlobal.net LLC