|
Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com |
[sec-adv] Mandrake update for phpgroupware
From: Secunia Security Advisories (sec-adv
secunia.com)
Date: Thu Jul 24 2003 - 05:29:44 CDT
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]
TITLE:
Mandrake update for phpgroupware
READ ONLINE:
http://www.secunia.com/advisories/9342/
CRITICAL:
Highly critical
IMPACT:
System access
WHERE:
From remote
REVISION:
2.0 originally posted 2003-07-24
OPERATING SYSTEM:
Mandrake Corporate Server 2.x
Mandrake Linux 8.x
Mandrake Linux 9.x
SOFTWARE:
phpGroupWare 0.x
DESCRIPTION:
Mandrake has issued updated packages for phpgroupware. These fix a
vulnerability, which can be exploited to execute arbitrary code on
the web server.
The problem is that a parameter used to include files isn't verified
before it is used. This allows malicious people to include arbitrary
PHP code from a remote server.
SOLUTION:
Updated packages:
Corporate Server 2.1:
978f7cd5a9fccdd629c77fb8bcf80014
corporate/2.1/RPMS/phpgroupware-0.9.14.006-0.1mdk.noarch.rpm
4af85affe60b60b4978d84e306ec3544
corporate/2.1/SRPMS/phpgroupware-0.9.14.006-0.1mdk.src.rpm
Corporate Server 2.1/x86_64:
49562febf6a8815ffe2bda1f3a303c72
x86_64/corporate/2.1/RPMS/phpgroupware-0.9.14.006-0.1mdk.noarch.rpm
4af85affe60b60b4978d84e306ec3544
x86_64/corporate/2.1/SRPMS/phpgroupware-0.9.14.006-0.1mdk.src.rpm
Mandrake Linux 8.2:
3380410fa9b2eae7cea1dbc71845dcfc
8.2/RPMS/phpgroupware-0.9.14.006-0.1mdk.noarch.rpm
4af85affe60b60b4978d84e306ec3544
8.2/SRPMS/phpgroupware-0.9.14.006-0.1mdk.src.rpm
Mandrake Linux 8.2/PPC:
785099e51ac582c2c615d42059707c99
ppc/8.2/RPMS/phpgroupware-0.9.14.006-0.1mdk.noarch.rpm
4af85affe60b60b4978d84e306ec3544
ppc/8.2/SRPMS/phpgroupware-0.9.14.006-0.1mdk.src.rpm
Mandrake Linux 9.0:
978f7cd5a9fccdd629c77fb8bcf80014
9.0/RPMS/phpgroupware-0.9.14.006-0.1mdk.noarch.rpm
4af85affe60b60b4978d84e306ec3544
9.0/SRPMS/phpgroupware-0.9.14.006-0.1mdk.src.rpm
Mandrake Linux 9.1:
147ba122b3693850de36d2d33cbfe327
9.1/RPMS/phpgroupware-0.9.14.006-0.1mdk.noarch.rpm
4af85affe60b60b4978d84e306ec3544
9.1/SRPMS/phpgroupware-0.9.14.006-0.1mdk.src.rpm
Mandrake Linux 9.1/PPC:
3e0684538b8165244e82703d9f8b2a26
ppc/9.1/RPMS/phpgroupware-0.9.14.006-0.1mdk.noarch.rpm
4af85affe60b60b4978d84e306ec3544
ppc/9.1/SRPMS/phpgroupware-0.9.14.006-0.1mdk.src.rpm
CHANGELOG:
2003-07-24: Updated description and rating.
----------------------------------------------------------------------
Secunia recommends that you verify all advisories you receive, by
clicking the link.
Secunia NEVER sends attached files with advisories.
Secunia does not advise people to install third party patches, only
use those supplied by the vendor.
Contact details:
Web : http://www.secunia.com/
E-mail : supportsecunia.com
Tel : +44 (0) 20 7016 2693
Fax : +44 (0) 20 7637 0419
----------------------------------------------------------------------
Unsubscribe: Secunia Security Advisories
----------------------------------------------------------------------
- Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]