Your message dated Wed, 28 Dec 2011 01:57:20 +0000
with message-id <e1rfilc-0000o1...@franck.debian.org>
and subject line Bug#646754: fixed in phpldapadmin 1.1.0.5-6+lenny2
has caused the Debian Bug report #646754,
regarding Exploit in phpldapadmin lets attacker execute arbitrary code
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
646754: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=646754
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: phpldapadmin
Version: 1.2.0.5-2
Severity: critical
Tags: security upstream
Justification: root security hole

All versions of phpldapadmin <= 1.2.1.1 (all released versions as of
today) are vulnerable to a remote code execution bug. Arbitrary code can be
executed as the user running the web server that phpldapadmin is running
under (usually www-data). Details can be found here:
- exploit DB: http://www.exploit-db.com/exploits/18021/
- phpldapadmin bug tracker: http://sourceforge.net/tracker/index.php?func=detail&aid=3417184&group_id=61828&atid=498546
- example of exploit in the wild: http://dev.metasploit.com/redmine/issues/5820

Justification for critical status: I'm not sure if www-data would be
considered a "privileged" account, but I believe this exploit could be
used to stage a man-in-the-middle attack against anyone logging into
phpldapadmin as the LDAP administrator user.


-- System Information:
Debian Release: 6.0.2
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.32-5-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages phpldapadmin depends on:
ii  debconf [debconf-2.0]   1.5.36.1         Debian configuration management sy
ii  lighttpd [httpd]        1.4.28-2         A fast webserver with minimal memo
ii  php5                    5.3.3-7+squeeze3 server-side, HTML-embedded scripti
ii  php5-cgi                5.3.3-7+squeeze3 server-side, HTML-embedded scripti
ii  php5-ldap               5.3.3-7+squeeze3 LDAP module for php5
ii  ucf                     3.0025+nmu1      Update Configuration File: preserv

phpldapadmin recommends no packages.

phpldapadmin suggests no packages.

-- debconf information excluded



--- End Message ---
--- Begin Message ---
Source: phpldapadmin
Source-Version: 1.1.0.5-6+lenny2

We believe that the bug you reported is fixed in the latest version of
phpldapadmin, which is due to be installed in the Debian FTP archive:

phpldapadmin_1.1.0.5-6+lenny2.diff.gz
  to main/p/phpldapadmin/phpldapadmin_1.1.0.5-6+lenny2.diff.gz
phpldapadmin_1.1.0.5-6+lenny2.dsc
  to main/p/phpldapadmin/phpldapadmin_1.1.0.5-6+lenny2.dsc
phpldapadmin_1.1.0.5-6+lenny2_all.deb
  to main/p/phpldapadmin/phpldapadmin_1.1.0.5-6+lenny2_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 646...@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Jonathan Wiltshire <j...@debian.org> (supplier of updated phpldapadmin package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmas...@debian.org)



Format: 1.8
Date: Thu, 27 Oct 2011 12:54:16 +0100
Source: phpldapadmin
Binary: phpldapadmin
Architecture: source all
Version: 1.1.0.5-6+lenny2
Distribution: oldstable-security
Urgency: high
Maintainer: Fabio Tranchitella <kob...@debian.org>
Changed-By: Jonathan Wiltshire <j...@debian.org>
Description: 
 phpldapadmin - web based interface for administering LDAP servers
Closes: 646754 646769
Changes: 
 phpldapadmin (1.1.0.5-6+lenny2) oldstable-security; urgency=high
 .
   * Non-maintainer upload by the security team
   * CVE-2011-4074 Fix XSS vulnerability in debug code (Closes: #646769)
   * CVE-2011-4075 Fix remote code execution by anonymous users (Closes: #646754)




--- End Message ---