Gentoo Archives: gentoo-commits

From: "Pierre-Yves Rofes (py)" <py@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] gentoo commit in xml/htdocs/security/en/glsa: glsa-200805-01.xml
Date: Mon, 05 May 2008 21:05:43
Message-Id: E1Jt7sR-0007nT-PJ@stork.gentoo.org
py 08/05/05 21:05:39

Added: glsa-200805-01.xml
Log:
GLSA 200805-01

Revision Changes Path
1.1 xml/htdocs/security/en/glsa/glsa-200805-01.xml

file : http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/security/en/glsa/glsa-200805-01.xml?rev=1.1&view=markup
plain: http://sources.gentoo.org/viewcvs.py/gentoo/xml/htdocs/security/en/glsa/glsa-200805-01.xml?rev=1.1&content-type=text/plain

Index: glsa-200805-01.xml
===================================================================
<?xml version="1.0" encoding="utf-8"?>
<?xml-stylesheet href="/xsl/glsa.xsl" type="text/xsl"?>
<?xml-stylesheet href="/xsl/guide.xsl" type="text/xsl"?>
<!DOCTYPE glsa SYSTEM "http://www.gentoo.org/dtd/glsa.dtd">

<glsa id="200805-01">
  <title>Horde Application Framework: Multiple vulnerabilities</title>
  <synopsis>
    Multiple vulnerabilities in the Horde Application Framework may lead to the
    execution of arbitrary files, information disclosure, and allow a remote
    attacker to bypass security restrictions.
  </synopsis>
  <product type="ebuild">horde</product>
  <announced>May 05, 2008</announced>
  <revised>May 05, 2008: 01</revised>
  <bug>212635</bug>
  <bug>213493</bug>
  <access>remote</access>
  <affected>
    <package name="www-apps/horde" auto="yes" arch="*">
      <unaffected range="ge">3.1.7</unaffected>
      <vulnerable range="lt">3.1.7</vulnerable>
    </package>
    <package name="www-apps/horde-groupware" auto="yes" arch="*">
      <unaffected range="ge">1.0.5</unaffected>
      <vulnerable range="lt">1.0.5</vulnerable>
    </package>
    <package name="www-apps/horde-kronolith" auto="yes" arch="*">
      <unaffected range="ge">2.1.7</unaffected>
      <vulnerable range="lt">2.1.7</vulnerable>
    </package>
    <package name="www-apps/horde-mnemo" auto="yes" arch="*">
      <unaffected range="ge">2.1.2</unaffected>
      <vulnerable range="lt">2.1.2</vulnerable>
    </package>
    <package name="www-apps/horde-nag" auto="yes" arch="*">
      <unaffected range="ge">2.1.4</unaffected>
      <vulnerable range="lt">2.1.4</vulnerable>
    </package>
    <package name="www-apps/horde-webmail" auto="yes" arch="*">
      <unaffected range="ge">1.0.6</unaffected>
      <vulnerable range="lt">1.0.6</vulnerable>
    </package>
  </affected>
  <background>
    <p>
    The Horde Application Framework is a general-purpose web application
    framework written in PHP, providing classes for handling preferences,
    compression, browser detection, connection tracking, MIME and more.
    </p>
  </background>
  <description>
    <p>
    Multiple vulnerabilities have been reported in the Horde Application
    Framework:
    </p>
    <ul>
      <li>David Collins, Patrick Pelanne and the HostGator.com LLC support
      team discovered that the theme preference page does not sanitize POST
      variables for several options, allowing the insertion of NULL bytes and
      ".." sequences (CVE-2008-1284).</li>
      <li>An error exists in the Horde API allowing users to bypass security
      restrictions.</li>
    </ul>
  </description>
  <impact type="normal">
    <p>
    The first vulnerability can be exploited by a remote attacker to read
    arbitrary files and by remote authenticated attackers to execute
    arbitrary files. The second vulnerability can be exploited by
    authenticated remote attackers to perform restricted operations.
    </p>
  </impact>
  <workaround>
    <p>
    There is no known workaround at this time.
    </p>
  </workaround>
  <resolution>
    <p>
    All Horde Application Framework users should upgrade to the latest
    version:
    </p>
    <code>
    # emerge --sync
    # emerge --ask --oneshot --verbose &quot;&gt;=www-apps/horde-3.1.7&quot;</code>
    <p>
    All horde-groupware users should upgrade to the latest version:
    </p>
    <code>
    # emerge --sync
    # emerge --ask --oneshot --verbose &quot;&gt;=www-apps/horde-groupware-1.0.5&quot;</code>
    <p>
    All horde-kronolith users should upgrade to the latest version:
    </p>
    <code>
    # emerge --sync
    # emerge --ask --oneshot --verbose &quot;&gt;=www-apps/horde-kronolith-2.1.7&quot;</code>
    <p>
    All horde-mnemo users should upgrade to the latest version:
    </p>
    <code>
    # emerge --sync
    # emerge --ask --oneshot --verbose &quot;&gt;=www-apps/horde-mnemo-2.1.2&quot;</code>
    <p>
    All horde-nag users should upgrade to the latest version:
    </p>
    <code>
    # emerge --sync
    # emerge --ask --oneshot --verbose &quot;&gt;=www-apps/horde-nag-2.1.4&quot;</code>
    <p>
    All horde-webmail users should upgrade to the latest version:
    </p>
    <code>
    # emerge --sync
    # emerge --ask --oneshot --verbose &quot;&gt;=www-apps/horde-webmail-1.0.6&quot;</code>
  </resolution>
  <references>
    <uri link="http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-1284">CVE-2008-1284</uri>
  </references>
  <metadata tag="requester" timestamp="Sat, 29 Mar 2008 20:23:06 +0000">
    keytoaster
  </metadata>
  <metadata tag="bugReady" timestamp="Thu, 03 Apr 2008 14:49:55 +0000">
    rbu
  </metadata>
  <metadata tag="submitter" timestamp="Sat, 26 Apr 2008 11:40:54 +0000">
    mfleming
  </metadata>
</glsa>
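As an added illustration, not part of this commit or of Gentoo's own GLSA tooling, the following Python evaluates installed package versions against the `<affected>` ranges of the advisory above, so an administrator can see which installs still fall inside a `<vulnerable>` range. The version comparison is a simplified stand-in for Portage's: it handles dotted numerics and an optional `-rN` revision, which is all the versions in this GLSA use; the embedded XML is a constructed excerpt of the file above.

```python
import re
import xml.etree.ElementTree as ET

# Constructed excerpt of the <affected> block from GLSA 200805-01.
GLSA_XML = """<glsa id="200805-01">
<affected>
<package name="www-apps/horde" auto="yes" arch="*">
<unaffected range="ge">3.1.7</unaffected>
<vulnerable range="lt">3.1.7</vulnerable>
</package>
<package name="www-apps/horde-kronolith" auto="yes" arch="*">
<unaffected range="ge">2.1.7</unaffected>
<vulnerable range="lt">2.1.7</vulnerable>
</package>
</affected>
</glsa>"""

def parse_version(v):
    """Simplified Gentoo version: dotted numeric components plus an optional
    -rN revision. Suffixes such as _rc or _p are not handled (assumption)."""
    m = re.fullmatch(r"(\d+(?:\.\d+)*)(?:-r(\d+))?", v)
    if not m:
        raise ValueError(f"unsupported version string: {v}")
    nums = tuple(int(x) for x in m.group(1).split("."))
    return nums, int(m.group(2) or 0)

def cmp_versions(a, b):
    """-1, 0 or 1 like a classic comparator; revision breaks ties."""
    pa, pb = parse_version(a), parse_version(b)
    return (pa > pb) - (pa < pb)

# GLSA range operators used by <vulnerable>/<unaffected> (subset of the DTD).
RANGE_OPS = {"lt": lambda c: c < 0, "le": lambda c: c <= 0, "eq": lambda c: c == 0,
             "ge": lambda c: c >= 0, "gt": lambda c: c > 0}

def in_range(installed, elem):
    """True if `installed` satisfies one <vulnerable> or <unaffected> element."""
    return RANGE_OPS[elem.get("range")](cmp_versions(installed, elem.text.strip()))

def vulnerable_packages(glsa_xml, installed):
    """installed maps 'cat/pkg' to its installed versions. Returns (pkg, version)
    pairs that match a <vulnerable> range and no <unaffected> range."""
    hits = []
    for pkg in ET.fromstring(glsa_xml).iter("package"):
        name = pkg.get("name")
        for ver in installed.get(name, []):
            safe = any(in_range(ver, u) for u in pkg.findall("unaffected"))
            vuln = any(in_range(ver, v) for v in pkg.findall("vulnerable"))
            if vuln and not safe:
                hits.append((name, ver))
    return hits

if __name__ == "__main__":
    inst = {"www-apps/horde": ["3.1.6"], "www-apps/horde-kronolith": ["2.1.7"]}
    print(vulnerable_packages(GLSA_XML, inst))  # [('www-apps/horde', '3.1.6')]
```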

--
gentoo-commits@l.g.o mailing list