SecurityTracker.com

SecurityTracker Archives

Category:   Application (Generic)  >   PEAR Auth
Vendors:   PHP Group
PEAR Auth Input Validation Bugs Let Remote Users Falsify Authentication Credentials
SecurityTracker Alert ID:  1015666
SecurityTracker URL:  http://securitytracker.com/id/1015666
CVE Reference:   GENERIC-MAP-NOMATCH
Date:  Feb 22 2006
Impact:   Modification of authentication information, User access via network
Fix Available:  Yes
Vendor Confirmed:  Yes
Version(s): prior to 1.2.4; 1.3 series prior to 1.3.0r4
Description:   A vulnerability was reported in PEAR::Auth. A remote user may be able to falsify authentication credentials.

Some of the PEAR::Auth Container components do not properly validate user-supplied input. A remote user can conduct injection attacks against the underlying authentication mechanism to falsify authentication credentials.

The vendor was notified on January 30, 2006.

Matt Van Gundy discovered this vulnerability.

Impact:   A remote user may be able to falsify authentication credentials against applications that use the affected library.
Solution:   The vendor has issued a fixed version (1.2.4), available at:

http://pear.php.net/package/Auth/download

Vendor URL:  pear.php.net/package/Auth
Cause:   Input validation error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   None.


 Source Message Contents

Subject:  Multiple Injection Vulnerabilities in PHP PEAR::Auth Module


PRODUCT:
    PEAR::Auth Authentication Module Package
    http://pear.php.net/package/Auth

VERSIONS AFFECTED:
    All versions < 1.2.4
    1.3 series < 1.3.0r4

DESCRIPTION:
    Multiple injection vulnerabilities exist in the PEAR::Auth module.
    Some of the PEAR::Auth Container back ends do not fully validate
    input from the user before presenting it to the underlying
    authentication mechanisms.  This allows a malicious user to
    perform injection attacks against the underlying authentication
    mechanism in order to falsify authentication credentials.

TIMELINE:
    2006.01.30 - Vendor notified
    2006.02.08 - Other developers contacted
    2006.02.15 - Fix released
    2006.02.21 - Public disclosure to Bugtraq

DISCOVERED BY:
    Matt Van Gundy <matt-spam [at] shekinahstudios [dot] com>
                        ^^^^^ remove the -spam to get past my spamtrap



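The bug class described above (an authentication container that hands user-supplied text to its backend without validating it, so the input can change the meaning of the lookup rather than merely being compared as data) is easiest to see beside its hardened form. The following is an added illustration written for this page, not PEAR::Auth's own code: the `make_backend`, `fetch_credential_unsafe`, `fetch_credential_safe` and `authenticate` functions are hypothetical, an in-memory SQLite table stands in for whatever database or directory a real container backend would query, and the sample user is constructed.

```python
"""Illustration of the defect class in the PEAR::Auth advisory: an
authentication backend that splices user-supplied text into its lookup
query, beside a backend that binds it as a parameter.
Hypothetical example code; not PEAR::Auth's implementation."""
import hmac
import sqlite3


def make_backend():
    """Constructed in-memory user table standing in for a container backend.
    Passwords are stored in plain text only to keep the example short."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (username TEXT PRIMARY KEY, password TEXT)")
    conn.execute("INSERT INTO users VALUES ('alice', 'correct horse battery')")
    conn.commit()
    return conn


def fetch_credential_unsafe(conn, username):
    """Defective pattern: the username becomes part of the SQL text, so any
    SQL metacharacter in it changes the structure of the query itself."""
    sql = "SELECT password FROM users WHERE username = '%s'" % username
    return [row[0] for row in conn.execute(sql)]


def fetch_credential_safe(conn, username):
    """Hardened pattern: the username is bound as a parameter, so the backend
    can only ever compare it as data, whatever characters it contains."""
    sql = "SELECT password FROM users WHERE username = ?"
    return [row[0] for row in conn.execute(sql, (username,))]


def authenticate(conn, fetch, username, password):
    """Container-style check: exactly one stored credential must exist for the
    name and it must match; the comparison is constant-time."""
    stored = fetch(conn, username)
    if len(stored) != 1:
        return False
    return hmac.compare_digest(stored[0].encode(), password.encode())


def demo():
    """Exercise both backends and return the observed outcomes."""
    conn = make_backend()
    results = {
        "safe_good": authenticate(conn, fetch_credential_safe, "alice", "correct horse battery"),
        "safe_bad": authenticate(conn, fetch_credential_safe, "alice", "wrong"),
        # A legitimate name containing an apostrophe: the bound query simply
        # finds no such user and the login is refused.
        "safe_apostrophe": authenticate(conn, fetch_credential_safe, "o'brien", "x"),
    }
    try:
        authenticate(conn, fetch_credential_unsafe, "o'brien", "x")
        results["unsafe_apostrophe"] = "no error"
    except sqlite3.OperationalError:
        # The same name breaks the spliced query: the input reached the SQL
        # parser as code, which is exactly the condition injection needs.
        results["unsafe_apostrophe"] = "query structure altered"
    return results


if __name__ == "__main__":
    for name, outcome in demo().items():
        print(f"{name}: {outcome}")
```

The point of the apostrophe case is that it needs no attacker at all: an ordinary name is enough to show that the unsafe backend lets input rewrite the query, which is the property the advisory's fix removes. A container that both validates the username against the character set it actually expects and binds it as a parameter closes the defect regardless of which backend (SQL, LDAP, or another store) sits behind it.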

Copyright 2021, SecurityGlobal.net LLC