98040 – www-apps/phpwebsite Unknown security issue

Bug 98040 - www-apps/phpwebsite Unknown security issue

Summary: www-apps/phpwebsite Unknown security issue

Status:	RESOLVED DUPLICATE of bug 97461

Alias:	None

Product:	Gentoo Security
Classification:	Unclassified
Component:	Vulnerabilities (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Gentoo Security

URL:	http://phpwebsite.appstate.edu/index....
Whiteboard:	B?? [ebuild] jaervosz
Keywords:

Duplicates (1):	97463 (view as bug list)
Depends on:
Blocks:

Reported:	2005-07-05 12:00 UTC by Wendall Cada
Modified:	2005-07-06 01:27 UTC (History)
CC List:	2 users (show)

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Wendall Cada 2005-07-05 12:00:53 UTC

Diabolic Crab, an independent security researcher at Hackers Center has revealed
some security weaknesses in phpWebSite. Mr. Crab was kind enough to contact us
before these holes become public knowledge.

Please download the security patch and untar it in your phpWebSite version
0.10.1 installation directory.


http://phpwebsite.appstate.edu/downloads/security/phpwebsite_security_patch_20050705.2.tgz
md5sum : 7e22916bbac8c27677a65eb31b71ebe3

Posted on phpwebsite.appstate.edu. More details about the exploit will be
released soon.

Wendall

Reproducible: Always
Steps to Reproduce:
1.
2.
3.

Comment 1 Carsten Lohrke (RETIRED) gentoo-dev

2005-07-05 12:19:49 UTC

*** Bug 97463 has been marked as a duplicate of this bug. ***

Comment 2 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2005-07-05 14:40:55 UTC

www-apps please provide an updated ebuild.

Comment 3 Thierry Carrez (RETIRED) gentoo-dev

2005-07-06 01:27:47 UTC

Regrouping phpwebsite issues on one single bug.

*** This bug has been marked as a duplicate of 97461 ***