Your message dated Fri, 28 Oct 2011 21:04:41 +0000
with message-id <e1rjtbv-0005kd...@franck.debian.org>
and subject line Bug#646754: fixed in phpldapadmin 1.2.0.5-2.1
has caused the Debian Bug report #646754,
regarding Exploit in phpldapadmin lets attacker execute arbitrary code
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
646754: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646754
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: phpldapadmin
Version: 1.2.0.5-2
Severity: critical
Tags: security upstream
Justification: root security hole

All versions of phpldapadmin <= 1.2.1.1 (all released versions as of
today) are vulnerable to a remote code execution bug. Arbitrary code can be
executed as the user running the web server that phpldapadmin is running
under (usually www-data). Details can be found here:
- exploit DB: http://www.exploit-db.com/exploits/18021/
- phpldapadmin bug tracker: http://sourceforge.net/tracker/index.php?func=detail&aid=3417184&group_id=61828&atid=498546
- example of exploit in the wild: http://dev.metasploit.com/redmine/issues/5820

Justification for critical status: I'm not sure if www-data would be
considered a "privileged" account, but I believe this exploit could be
used to stage a man-in-the-middle attack against anyone logging into
phpldapadmin as the LDAP administrator user.


-- System Information:
Debian Release: 6.0.2
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages phpldapadmin depends on:
ii  debconf [debconf-2.0]   1.5.36.1         Debian configuration management sy
ii  lighttpd [httpd]        1.4.28-2         A fast webserver with minimal memo
ii  php5                    5.3.3-7+squeeze3 server-side, HTML-embedded scripti
ii  php5-cgi                5.3.3-7+squeeze3 server-side, HTML-embedded scripti
ii  php5-ldap               5.3.3-7+squeeze3 LDAP module for php5
ii  ucf                     3.0025+nmu1      Update Configuration File: preserv

phpldapadmin recommends no packages.

phpldapadmin suggests no packages.

-- debconf information excluded



--- End Message ---
--- Begin Message ---
Source: phpldapadmin
Source-Version: 1.2.0.5-2.1

We believe that the bug you reported is fixed in the latest version of
phpldapadmin, which is due to be installed in the Debian FTP archive:

phpldapadmin_1.2.0.5-2.1.diff.gz
  to main/p/phpldapadmin/phpldapadmin_1.2.0.5-2.1.diff.gz
phpldapadmin_1.2.0.5-2.1.dsc
  to main/p/phpldapadmin/phpldapadmin_1.2.0.5-2.1.dsc
phpldapadmin_1.2.0.5-2.1_all.deb
  to main/p/phpldapadmin/phpldapadmin_1.2.0.5-2.1_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 646...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jonathan Wiltshire <j...@debian.org> (supplier of updated phpldapadmin package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.8
Date: Thu, 27 Oct 2011 17:51:24 +0100
Source: phpldapadmin
Binary: phpldapadmin
Architecture: source all
Version: 1.2.0.5-2.1
Distribution: unstable
Urgency: high
Maintainer: Fabio Tranchitella <kob...@debian.org>
Changed-By: Jonathan Wiltshire <j...@debian.org>
Description: 
 phpldapadmin - web based interface for administering LDAP servers
Closes: 646754 646769
Changes: 
 phpldapadmin (1.2.0.5-2.1) unstable; urgency=high
 .
   * Non-maintainer upload.
   * CVE-2011-4074 Fix XSS vulnerability in debug code (Closes: #646769)
   * CVE-2011-4075 Fix arbitrary code execution by unauthenticated users
     (Closes: #646754)
Checksums-Sha1: 
 f6d86b56229db00e7c48fd3621ebd3e4d4fb932d 1723 phpldapadmin_1.2.0.5-2.1.dsc
 49c219b7126dd9357c226bf35ffac7020727d84c 25005 phpldapadmin_1.2.0.5-2.1.diff.gz
 b263c5ed27354e920b2e4e84f5adc18f360358d8 1266724 phpldapadmin_1.2.0.5-2.1_all.deb
Checksums-Sha256: 
 de160987eb6ae9fb927075446ce7a08f0f39c6d7385f61f8ba1567c61ea6ea34 1723 phpldapadmin_1.2.0.5-2.1.dsc
 a1c6dbc7842df92ddc54fc30ce13c3042e7dbcb8bdab1f7bb61de87a0ac91a15 25005 phpldapadmin_1.2.0.5-2.1.diff.gz
 18f70e2a3847ef1729043a71e1aed338d7788ba96212f1d2285ef39145c1d61f 1266724 phpldapadmin_1.2.0.5-2.1_all.deb
Files: 
 42f745fe3da0af28a60f3a165c2627ce 1723 admin extra phpldapadmin_1.2.0.5-2.1.dsc
 c8df93849f4cd3923f5c5596c9ac76e5 25005 admin extra phpldapadmin_1.2.0.5-2.1.diff.gz
 d88f1c1ca798855c9ab42ecfced4a6ae 1266724 admin extra phpldapadmin_1.2.0.5-2.1_all.deb




--- End Message ---
