Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 407717 (CVE-2012-1114)

Summary: <net-nds/phpldapadmin-1.2.3 : "filter" and "attr" Cross-Site Scripting Vulnerabilities (CVE-2012-{1114, 1115})
Product: Gentoo Security Reporter: Michael Harrison <n0idx80>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Status: RESOLVED FIXED    
Severity: trivial CC: jmbsvicetto, vostorga, web-apps
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: Linux   
URL: http://secunia.com/advisories/48273/
Whiteboard: ~4 [noglsa]
Package list:
Runtime testing required: ---

Description Michael Harrison 2012-03-10 20:35:06 UTC 
Input passed via the "filter" and "attr" parameters to cmd.php is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Input passed to the "filter" POST parameter in lam/templates/3rdParty/pla/htdocs/cmd.php (when "cmd" is set to "export" and "exporter_id" is set to "LDIF") is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Input passed to the "attr" parameter in lam/templates/3rdParty/pla/htdocs/cmd.php (when "cmd" is set to "add_value_form" and "dn" is set to a valid value) is not properly sanitised before being returned to the user. This can be exploited to execute arbitrary HTML and script code in a user's browser session in context of an affected site.

Reference:
http://www.openwall.com/lists/oss-security/2012/03/06/1

$URL referenced the above descriptions detail from numbers [2] and [3]:
http://secunia.com/advisories/48221/

It looks like Secunia's advisory is implying that the above is the same issue but with phpldapadmin specifically since it has been issued it's own CVE.

Looks as though, per upstream there is currently no solution:
http://sourceforge.net/tracker/?func=detail&aid=3497660&group_id=61828&atid=498546
Comment 1 Samuel Damashek (RETIRED) gentoo-dev 2013-12-22 14:23:14 UTC 
Vulnerability is fixed in =net-nds/phpldapadmin-1.2.3 (commit #74434e5 in git://git.code.sf.net/p/phpldapadmin/code). Would it be possible for <net-nds/phpldapadmin-1.2.3 to be removed from the tree and this bug closed? No revdeps for this package.
Comment 2 Chris Reffett (RETIRED) gentoo-dev Security 2013-12-22 16:37:03 UTC 
Indeed. @maintainers: cleanup time.
Comment 3 Jorge Manuel B. S. Vicetto (RETIRED) Gentoo Infrastructure gentoo-dev 2014-04-11 01:51:45 UTC 
Affected versions removed from the tree.
Comment 4 Agostino Sarubbo gentoo-dev 2014-04-13 11:55:18 UTC 
Closing as noglsa