From ${URL} :

I have discovered a remote code execution via PHP unserialize in egroupware <= 1.8.005. Can you please assign a CVE for this vulnerability? The full report can be obtained from my repo in https://github.com/pedrib/PoC/raw/master/egroupware-1.8.005.txt The changelog can be seen at http://www.egroupware.org/changelog and new versions can be obtained from http://www.egroupware.org/download

@maintainer(s): after the bump, in case we need to stabilize the package, please let us know if it is ready for the stabilization or not.
This version is obsolete and no longer maintained by upstream.
There is no version available in Portage that matches ">1.8.005". Also: 1.8 is old and EOL. 14.1 has been out for a while and 14.2 RC1 has just been released.
CVE-2014-2027 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2014-2027): eGroupware before 1.8.006.20140217 allows remote attackers to conduct PHP object injection attacks, delete arbitrary files, and possibly execute arbitrary code via the (1) addr_fields or (2) trans parameter to addressbook/csv_import.php, (3) cal_fields or (4) trans parameter to calendar/csv_import.php, (5) info_fields or (6) trans parameter to csv_import.php in (a) projectmanager/ or (b) infolog/, or (7) processed parameter to preferences/inc/class.uiaclprefs.inc.php.
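The object-injection pattern the CVE entry describes, shown as an added example rather than eGroupware's own code: the DemoGadget class and the three import functions are constructed for illustration, and the serialized request value stands in for a parameter such as trans or addr_fields.

```php
<?php
// Added example (not eGroupware code): why unserialize() on request data
// enables PHP object injection, and two ways to close it off.
// DemoGadget is constructed for the demo; it only records that its magic
// method ran, standing in for whatever a real gadget class would do.
class DemoGadget {
    public static $wakeups = 0;
    public function __wakeup() { self::$wakeups++; }
}

// Constructed request value: a serialized DemoGadget, i.e. the kind of
// string an attacker could place in an importer's field-mapping parameter.
$untrusted = serialize(new DemoGadget());

// Vulnerable pattern: any loadable class with __wakeup/__destruct is
// instantiated before the is_array() check ever runs.
function importFieldsVulnerable(string $raw): array {
    $fields = unserialize($raw);
    return is_array($fields) ? $fields : [];
}

// Hardened 1: refuse objects entirely (PHP >= 7.0). Class payloads become
// __PHP_Incomplete_Class and no magic methods are invoked.
function importFieldsSafe(string $raw): array {
    $fields = unserialize($raw, ['allowed_classes' => false]);
    return is_array($fields) ? $fields : [];
}

// Hardened 2: carry field mappings in a data-only format instead.
function importFieldsJson(string $raw): array {
    $fields = json_decode($raw, true);
    return is_array($fields) ? $fields : [];
}

importFieldsVulnerable($untrusted);
printf("vulnerable path: __wakeup ran %d time(s)\n", DemoGadget::$wakeups);

DemoGadget::$wakeups = 0;
importFieldsSafe($untrusted);
printf("allowed_classes=false: __wakeup ran %d time(s)\n", DemoGadget::$wakeups);

// A legitimate mapping still round-trips through both safe paths.
$legit = ['email' => 'n_email', 'name' => 'n_fn'];
var_dump(importFieldsSafe(serialize($legit)) === $legit);
var_dump(importFieldsJson(json_encode($legit)) === $legit);
```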
# Michał Górny <mgorny@gentoo.org> (05 Jun 2017)
# (on behalf of Treecleaner project)
# Unmaintained in Gentoo. Multiple versions behind upstream. Multiple
# security vulnerabilities. Removal in 30 days. Bug #509920.
www-apps/egroupware
commit 828139076827f50e43b62a88d038d1b092371618
Author:     Michał Górny <mgorny@gentoo.org>
AuthorDate: Wed Jul 5 12:23:14 2017
Commit:     Michał Górny <mgorny@gentoo.org>
CommitDate: Wed Jul 5 12:35:17 2017

    www-apps/egroupware: Remove last-rited pkg, #509920
This issue was resolved and addressed in GLSA 201711-12 at https://security.gentoo.org/glsa/201711-12 by GLSA coordinator Christopher Diaz Riveros (chrisadr).
# glsa-check -v -t all
Traceback (most recent call last):
  File "/usr/lib/python-exec/python3.4/glsa-check", line 345, in <module>
    if myglsa.isVulnerable():
  File "/usr/lib64/python3.4/site-packages/gentoolkit/glsa/__init__.py", line 683, in isVulnerable
    or (None != getMinUpgrade([v,], path["unaff_atoms"]))
  File "/usr/lib64/python3.4/site-packages/gentoolkit/glsa/__init__.py", line 411, in getMinUpgrade
    u_installed = reduce(operator.add, [match(u, "vartree") for u in unaffectedList], [])
  File "/usr/lib64/python3.4/site-packages/gentoolkit/glsa/__init__.py", line 411, in <listcomp>
    u_installed = reduce(operator.add, [match(u, "vartree") for u in unaffectedList], [])
  File "/usr/lib64/python3.4/site-packages/gentoolkit/glsa/__init__.py", line 347, in match
    return db.match(atom)
  File "/usr/lib64/python3.4/site-packages/portage/dbapi/vartree.py", line 574, in match
    origdep, mydb=self, use_cache=use_cache, settings=self.settings)
  File "/usr/lib64/python3.4/site-packages/portage/dbapi/dep_expand.py", line 35, in dep_expand
    mydep = Atom(mydep, allow_repo=True)
  File "/usr/lib64/python3.4/site-packages/portage/dep/__init__.py", line 1270, in __init__
    raise InvalidAtom(self)
portage.exception.InvalidAtom: >=www-apps/egroupware-
In future we'd like to ask you to file your own bug for problems with GLSAs (we have our own component for that, and tracking comments in already closed bugs has a chance to stay undetected). The reported problem was fixed via https://gitweb.gentoo.org/data/glsa.git/commit/?id=5734ba55387c6cf49565c6c096a4be4ee2b65de5