Bug 53800 - <=net-www/horde-chora-1.2.1 - vulnerability within Chora allows remote shell command injection
Summary: <=net-www/horde-chora-1.2.1 - vulnerability within Chora allows remote shell ...
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All All
Importance: Highest major
Assignee: Gentoo Security
Whiteboard: B1 [glsa]
Reported: 2004-06-13 06:26 UTC by Carsten Lohrke (RETIRED)
Modified: 2011-10-30 22:38 UTC (History)
Description Carsten Lohrke (RETIRED) gentoo-dev 2004-06-13 06:26:13 UTC
During a security audit of Chora a vulnerability within the diff viewing functionality was discovered. This hole allows arbitrary shellcode injection. Combined with PHP's file upload functionality this gives the opportunity to upload arbitrary binaries and to execute them. (In default configurations) Concurrent Versions System (CVS) is the dominant open-source version control software that allows developers to access the latest code using a network connection. 

http://security.e-matters.de/advisories/102004.html
Comment 1 Kurt Lieber (RETIRED) gentoo-dev 2004-06-13 06:40:32 UTC
Mike -- can you please review/patch as needed?
Comment 2 SpanKY gentoo-dev 2004-06-13 10:47:15 UTC
1.2.1 removed from cvs and 1.2.2 added (stable on all arches)
Comment 3 Thierry Carrez (RETIRED) gentoo-dev 2004-06-14 09:19:53 UTC
GLSA ready
Comment 4 Thierry Carrez (RETIRED) gentoo-dev 2004-06-15 12:08:55 UTC
GLSA 200406-09