Bug 371310 - dev-php/smarty: Information leak vulnerability in the {fetch} tag
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Normal minor
Assignee: Gentoo Security
URL: https://code.google.com/p/smarty-php/...
Whiteboard: ~4 [noglsa]
Reported: 2011-06-12 20:49 UTC by Tim Sammut (RETIRED)
Modified: 2013-09-04 06:29 UTC

Description Tim Sammut (RETIRED) gentoo-dev 2011-06-12 20:49:56 UTC
Fix at $URL, from a third-party advisory at http://secunia.com/advisories/44842/.

DESCRIPTION:
A vulnerability has been discovered in Smarty, which can be exploited
by malicious people to bypass certain security restrictions.

The vulnerability is caused due to the "{fetch}" tag not properly
honoring the security policy, which can be exploited to e.g. bypass
the "secure_dir" setting.

The vulnerability is confirmed in version 3.0.8. Other versions may
also be affected.

Comment 1 Chris Reffett (RETIRED) gentoo-dev Security 2013-09-03 18:31:46 UTC
3.0.8 not in tree, 3.* branch has never been stabilized. Closing noglsa.