[Secure-testing-team] Bug#504253: CVE-2007-3215: remote shell command execution in class.phpmailer.php
Raphael Geissert
atomo64 at gmail.com
Sun Nov 2 05:51:58 UTC 2008
Package: mahara
Severity: grave
Version: 1.0.4-2
Tags: security patch
Hi,
The following CVE (Common Vulnerabilities & Exposures) id was published for
PHPMailer, which affects the embedded copy shipped in mahara[0].
CVE-2007-3215[1]:
> PHPMailer 1.7, when configured to use sendmail, allows remote attackers to
> execute arbitrary shell commands via shell metacharacters in the
> SendmailSend function in class.phpmailer.php.
The patch for class.phpmailer.php can be found at [2]. However, it would be
better if mahara just depended on libphp-phpmailer (available since etch)
and the include/require calls changed to use the copy provided by that
package, to avoid shipping yet another embedded code copy.
If you fix the vulnerability please also make sure to include the CVE id in
the changelog entry.
[0] usr/share/mahara/lib/phpmailer/class.phpmailer.php
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3215
http://security-tracker.debian.net/tracker/CVE-2007-3215
[2] http://sourceforge.net/tracker/index.php?func=detail&aid=1734811&group_id=26031&atid=385707
Cheers,
--
Raphael Geissert - Debian Maintainer
www.debian.org - get.debian.net
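The bug class behind CVE-2007-3215 is a sendmail command line assembled as a shell string from a caller-supplied envelope sender and handed to popen(). The following is an added illustration, not code from PHPMailer, mahara or the Debian patch: the class name SendmailCommand, the method names and the sample addresses are hypothetical, and the unsafe builder is a deliberately reduced stand-in for the vulnerable pattern, shown next to the escaped and validated form that the upstream fix relies on (escapeshellcmd for the binary path, escapeshellarg for the address).

```php
<?php
// Added example (not PHPMailer's or mahara's code). Shows how an envelope
// sender that reaches the shell unescaped becomes command execution, and the
// validated, quoted form that prevents it. Names and inputs are hypothetical.

final class SendmailCommand
{
    private string $sendmailPath;

    public function __construct(string $sendmailPath = '/usr/sbin/sendmail')
    {
        $this->sendmailPath = $sendmailPath;
    }

    // Vulnerable pattern: the sender is interpolated verbatim into a string
    // that popen() passes to /bin/sh, so ';', '|', '`' and '$(...)' in the
    // address are interpreted by the shell, not by sendmail.
    public function buildUnsafe(string $sender): string
    {
        return sprintf('%s -oi -f %s -t', $this->sendmailPath, $sender);
    }

    // Hardened pattern: reject anything that is not a syntactically valid
    // address, then single-quote it so the shell passes it as one argument.
    // escapeshellcmd() protects the configured binary path the same way.
    public function buildSafe(string $sender): string
    {
        if (filter_var($sender, FILTER_VALIDATE_EMAIL) === false) {
            throw new InvalidArgumentException('envelope sender is not a valid address');
        }
        return sprintf(
            '%s -oi -f %s -t',
            escapeshellcmd($this->sendmailPath),
            escapeshellarg($sender)
        );
    }

    // Delivery through the hardened command line. Kept apart from the
    // builders so the command strings can be inspected without an MTA.
    public function send(string $sender, string $rawMessage): bool
    {
        $mail = popen($this->buildSafe($sender), 'w');
        if ($mail === false) {
            return false;
        }
        fwrite($mail, $rawMessage);
        return pclose($mail) === 0;
    }
}

// Constructed sample input: a sender address carrying a shell payload.
$hostile = 'victim@example.com; id > /tmp/pwned';

$cmd = new SendmailCommand();

// The unsafe builder returns the string exactly as the shell would see it.
echo "unsafe: ", $cmd->buildUnsafe($hostile), "\n";

// The hardened builder refuses the hostile value before quoting is even needed.
try {
    echo "safe: ", $cmd->buildSafe($hostile), "\n";
} catch (InvalidArgumentException $e) {
    echo "rejected: ", $e->getMessage(), "\n";
}

// A legitimate address is accepted and arrives single-quoted.
echo "safe: ", $cmd->buildSafe('alice@example.com'), "\n";
```

Run under the php CLI, the unsafe string contains an unquoted `;` after the address, so /bin/sh would run sendmail and then `id > /tmp/pwned` as a second command; the hardened builder throws on that input, and for the well-formed address emits the argument wrapped in single quotes, which the shell passes through as a single word regardless of its contents. The two layers are deliberately redundant: validation alone depends on the filter's notion of a valid address, and quoting alone still lets an odd but valid address reach sendmail, so keep both.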