Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!
Bug 678512 (CVE-2018-19274) - <www-apps/phpBB-3.2.7 - Remote execution from privileged account vulnerability (CVE-2018-19274)
Summary: <www-apps/phpBB-3.2.7 - Remote execution from privileged account vulnerabilit...
Status: IN_PROGRESS
Alias: CVE-2018-19274
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities (show other bugs)
Hardware: All Linux
: Normal trivial (vote)
Assignee: Gentoo Security
URL:
Whiteboard: ~3 [noglsa]
Keywords:
Depends on: 615182
Blocks:
  Show dependency tree
 
Reported: 2019-02-21 18:26 UTC by Brian Evans
Modified: 2020-04-08 04:14 UTC (History)
2 users (show)

See Also:
Package list:
Runtime testing required: ---


Attachments

Note You need to log in before you can comment on or make changes to this bug.
Description Brian Evans Gentoo Infrastructure gentoo-dev 2019-02-21 18:26:28 UTC
CVE-2018-19274 - An attacker with control over a founder admin account could escalate to remote code execution by abusing PHP’s default unserialization of metadata in Phar files. More information about this technique can be found here[1]. - Fixed in 3.2.4


[1] https://blog.ripstech.com/2018/new-php-exploitation-technique/
Comment 1 Larry the Git Cow gentoo-dev 2019-06-24 21:30:51 UTC
The bug has been referenced in the following commit(s):

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=87065954b8372c4ce06d42d09cc7b7311a42e8b2

commit 87065954b8372c4ce06d42d09cc7b7311a42e8b2
Author:     James Le Cuirot <chewi@gentoo.org>
AuthorDate: 2019-06-24 21:29:31 +0000
Commit:     James Le Cuirot <chewi@gentoo.org>
CommitDate: 2019-06-24 21:29:31 +0000

    www-apps/phpBB: Drop old and vulnerable 3.1.10
    
    Bug: https://bugs.gentoo.org/678512
    Package-Manager: Portage-2.3.67, Repoman-2.3.13
    Signed-off-by: James Le Cuirot <chewi@gentoo.org>

 www-apps/phpBB/Manifest               |  1 -
 www-apps/phpBB/phpBB-3.1.10-r1.ebuild | 42 -----------------------------------
 2 files changed, 43 deletions(-)

https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=7180d5f150295b7a8f5fd492a637f8a7b10f0253

commit 7180d5f150295b7a8f5fd492a637f8a7b10f0253
Author:     James Le Cuirot <chewi@gentoo.org>
AuthorDate: 2019-06-24 21:27:39 +0000
Commit:     James Le Cuirot <chewi@gentoo.org>
CommitDate: 2019-06-24 21:27:39 +0000

    www-apps/phpBB: Version bump to 3.2.7
    
    Bug: https://bugs.gentoo.org/678512
    Closes: https://bugs.gentoo.org/615182
    Package-Manager: Portage-2.3.67, Repoman-2.3.13
    Signed-off-by: James Le Cuirot <chewi@gentoo.org>

 www-apps/phpBB/Manifest                 |  1 +
 www-apps/phpBB/files/permissions        | 19 +++++++++++++
 www-apps/phpBB/files/postinstall-en.txt | 30 ++++++++------------
 www-apps/phpBB/metadata.xml             | 11 ++++++++
 www-apps/phpBB/phpBB-3.2.7.ebuild       | 50 +++++++++++++++++++++++++++++++++
 5 files changed, 92 insertions(+), 19 deletions(-)
Comment 2 Sam James (sam_c) (security padawan) 2020-04-08 04:14:20 UTC
Tree is clean.