Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 112766

Summary: net-nds/phpldapadmin multiple issues
Product: Gentoo Security Reporter: Bruno Lopes <bruno.cardoso>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED DUPLICATE    
Severity: normal    
Priority: High    
Version: unspecified   
Hardware: All   
OS: Linux   
Whiteboard:
Package list:
Runtime testing required: ---

Description Bruno Lopes 2005-11-16 18:46:35 UTC
i don't know is bug #104293 cover this, so sorry if it does...

 Directory traversal vulnerability in welcome.php in phpLDAPadmin 0.9.6
 and 0.9.7 allows remote attackers to read arbitrary files via a ..
 (dot dot) in the custom_welcome_page parameter. (CAN-2005-2792)

 PHP remote code injection vulnerability in welcome.php in phpLDAPadmin
 0.9.6 and 0.9.7 allows remote attackers to execute arbitrary PHP code
 via the custom_welcome_page parameter. (CAN-2005-2793)

 Maksymilian Arciemowicz discovered several cross site scripting issues
 in  phpsysinfo, a PHP based host information application.
 (CAN-2005-0869, 0870)

 Christopher Kunz discovered that local variables in phpsysinfo get
 overwritten unconditionally and are trusted later, which could lead to
 the inclusion of arbitrary files. (CAN-2005-3347)

 Christopher Kunz discovered that user-supplied input in phpsysinfo is
 used unsanitised, causing a HTTP Response splitting problem.
 (CAN-2005-3348)

Reproducible: Didn't try
Steps to Reproduce:
1.
2.
3.





 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2654
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2792
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2793
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0869
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0870
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3347
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-3348
Comment 1 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev 2005-11-16 22:12:12 UTC
Seems like we're not affected by these (note some of the CVE ids apparently 
references phpsysinfo instead). Other opionions anyone? 
Comment 2 Thierry Carrez (RETIRED) gentoo-dev 2005-11-17 02:06:49 UTC
Yes, the phpLDAPadmin part has been solved in 104293. The phpsysinfo part is bug
112482

*** This bug has been marked as a duplicate of 104293 ***