OWM-ANNOUNCE Mailing List

Security Advisory 20050502
 
To: owm-announce@xxxxxxxxxxxxxxxxxxxxxxxxxx
From: "Open WebMail" <openwebmail@xxxxxxxxxxxxxxxxxxxxx>
Date: Mon, May 2 09:44:00 2005 -0000
 
Topic: Logged-in user can execute arbitrary commands on the server

Announced: 2005-05-02
Credits: Matej Vela <vela.AT.debian.org>
Affects: all versions before 20050430
Corrected: openwebmail versions after 2.51 20050430

I. Background

The open(F, $filename) statement in Perl treats some characters in
$filename as a shell escape, which causes the corresponding substring of
$filename to be executed as an external command.

II. Problem Description

Several vulnerabilities have been discovered in OWM due to missing
validation of CGI parameters that are used as filenames.
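The fix pattern the background and problem sections imply, as an added example that is not Open WebMail code: the filename from the CGI parameter is allowlisted and then opened with the three-argument form of open(), which never interprets the name as a pipe. The base directory, the function names and the sample inputs are assumptions for the demo.

```perl
#!/usr/bin/perl
# Added example, not Open WebMail code: a hardened open() for a filename
# taken from an untrusted CGI parameter. Assumes the file must live
# directly under a fixed per-user directory ($base_dir).
use strict;
use warnings;
use File::Spec;

# Return a sanitized basename, or nothing if the input is unacceptable.
# A strict allowlist rejects the characters two-argument open() would
# treat as a pipe ('|') as well as '/', '..' and whitespace, so both
# command execution and path traversal are ruled out at once.
sub safe_basename {
    my ($name) = @_;
    return unless defined $name;
    return if $name eq '' || $name eq '.' || $name eq '..';
    # Letters, digits, dot, underscore and hyphen only; max 255 chars.
    return unless $name =~ /\A([A-Za-z0-9][A-Za-z0-9._-]{0,254})\z/;
    return $1;    # the capture is also an untainted copy under perl -T
}

# Open a file for reading under $base_dir by untrusted name.
# open(my $fh, '<', $path) with an explicit mode is safe even if the
# validation above were relaxed; open(F, $path) is not.
sub open_user_file {
    my ($base_dir, $untrusted) = @_;
    my $safe = safe_basename($untrusted);
    die "rejected filename\n" unless defined $safe;
    my $path = File::Spec->catfile($base_dir, $safe);
    open(my $fh, '<', $path) or die "cannot open $path: $!\n";
    return $fh;
}

# Demo on constructed inputs; only the first one is accepted.
for my $candidate ('report.txt', '../secret', 'a|b', 'foo bar') {
    my $r = safe_basename($candidate);
    printf "%-14s => %s\n", "'$candidate'",
        defined $r ? "accepted as '$r'" : 'rejected';
}
```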

III. Impact

When correctly exploited, a logged-in user can execute arbitrary commands
on the server with the privileges of his own uid.

IV. Workaround

None.

V. Solution

Upgrade to the latest openwebmail-current.tar.gz.
