Debian-LTS alert DLA-392-1 (roundcube)
From: Thorsten Alteholz <debian@alteholz.de>
To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 392-1] roundcube security update
Date: Sun, 17 Jan 2016 19:27:52 +0100 (CET)
Message-ID: <alpine.DEB.2.02.1601171924080.27802@jupiter.server.alteholz.net>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

Package        : roundcube
Version        : 0.3.1-6+deb6u1
CVE ID         : CVE-2015-8770

High-Tech Bridge Security Research Lab discovered a path traversal
vulnerability in the popular webmail client Roundcube. The vulnerability
can be exploited to gain access to sensitive information and, under certain
circumstances, to execute arbitrary code and totally compromise the
vulnerable server.

The vulnerability exists due to insufficient sanitization of the "_skin"
HTTP POST parameter in the "/index.php" script when changing between
different skins of the web application. A remote authenticated attacker can
use path traversal sequences (e.g. "../../") to load a new skin from an
arbitrary location on the system that is readable by the webserver.

(sorry for first uploading a package with a wrong version 0.3.1-6+dab6u1)
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iQJ8BAEBCgBmBQJWm90oXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hHEsQP/j+QZ+IFCPs2/2yLbsgPr0oq
pUynK5IdXRq6DfJFrr/GZzxvHtlFZbL23q5C53K8aebN/FuMLadUTIK1yDw6Xda/
PQtJBnDkONLgRtSqdqYQuOdXUTRBN+2CLFqpBH/H5Nux5n67lDjcudG8rEiW+gjO
lkcQ6ETGLdInQYNX5jvVkkV7LVDoSUDFV5nU9AOZmqb/G7wUpCFKwJyNR7GRWoxc
wMZwvWfXcIkyclb6TFxbytN4rbPhnXS6mcOsKY0nxiLXytzBhoy59WsyMc9B1URz
ktKjjzLnQcJ9lAdKuKtvZPOy2+Ky99SvLwAWFgR6x/o3yI2WwiNtsJtjjdwfGr/b
w1ryIKzT/s088pStLjg7rXSsdVX4dp0o5NM/TKEEZDT7H0dP4CxfqEQbFK1lQSWJ
3b3t0A/tww5q5aMlQznqAAiYVKosJy8WU54t1rXfFxqeQALd2uELb1M6Ge3ymH1S
adp2sNzxRIIQBoS7vOwdisBuSJejoZfZMvlEn/QykPrcWfsbvEqXzHA7Pd4K3rkM
hNcYKV9aZ8rShBGkCgdUWXdzLky2VnbLGjUFWMBU2yHJdhD4wqOmdYUp6voAmP+j
9MAj3dlJX03K0cLTCNJd+UAwF36GnOnDN5y2yr8YLR52hhT+s+sqFTPpbRzvtyrZ
CG6VGwYtd44UtBKKXAjP
=uIdW
-----END PGP SIGNATURE-----
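The advisory describes the bug class only in prose: a user-controlled "_skin" value is used to build a filesystem path, so "../" sequences walk out of the skin directory. The PHP below is an added illustration written for this page, not Roundcube's own code or the Debian patch. It places a hypothetical skin-path helper in its vulnerable form next to a hardened one, and runs both over constructed "_skin" values; the directory layout (<skin root>/<skin>/templates/<name>.html) and the function names are assumptions for the demo.

```php
<?php
declare(strict_types=1);

// Added illustration, not Roundcube's code. Layout <root>/<skin>/templates/<name>.html
// is an assumption for the demo.

// Vulnerable: the "_skin" value is spliced straight into a filesystem path, so a
// value such as "../../../../etc" makes the application read templates from any
// directory the webserver account can read.
function skin_template_path_vulnerable(string $skinRoot, string $skin, string $template): string
{
    return $skinRoot . '/' . $skin . '/templates/' . $template . '.html';
}

// Hardened: allowlist the shape of the skin name, require it to match a skin that is
// actually installed, then canonicalise and verify the result still lies under $skinRoot.
function skin_template_path_hardened(string $skinRoot, string $skin, string $template): ?string
{
    // One path segment only: rejects "..", "/", "\" and NUL bytes outright.
    if (!preg_match('/\A[A-Za-z0-9_-]+\z/', $skin)) {
        return null;
    }
    // Compare against installed skin directories rather than trusting the input.
    $installed = array_map('basename', glob($skinRoot . '/*', GLOB_ONLYDIR) ?: []);
    if (!in_array($skin, $installed, true)) {
        return null;
    }
    // Defence in depth: resolve symlinks and check containment, so a stray symlink
    // or a future loosening of the checks above still cannot escape the skin tree.
    $root = realpath($skinRoot);
    $real = realpath($skinRoot . '/' . $skin . '/templates/' . basename($template) . '.html');
    if ($root === false || $real === false || strncmp($real, $root . '/', strlen($root) + 1) !== 0) {
        return null;
    }
    return $real;
}

// Build a throwaway skin tree in the temp directory so the demo runs offline.
function make_demo_skin_root(): string
{
    $root = sys_get_temp_dir() . '/skins-demo-' . bin2hex(random_bytes(4));
    mkdir($root . '/default/templates', 0700, true);
    file_put_contents($root . '/default/templates/mail.html', "<html>default skin</html>\n");
    return $root;
}

$root = make_demo_skin_root();

// Constructed "_skin" values: a legitimate skin, a traversal payload, a NUL-byte
// variant, and a name that is well-formed but not installed.
$inputs = ['default', '../../../../etc', "default\0/../../x", 'not-installed'];

foreach ($inputs as $skin) {
    $vuln = skin_template_path_vulnerable($root, $skin, 'mail');
    $safe = skin_template_path_hardened($root, $skin, 'mail');
    printf("%-28s vulnerable -> %s\n%-28s hardened   -> %s\n\n",
        json_encode($skin, JSON_UNESCAPED_SLASHES), $vuln, '', $safe ?? 'REJECTED');
}

// Clean up the demo tree.
unlink($root . '/default/templates/mail.html');
rmdir($root . '/default/templates');
rmdir($root . '/default');
rmdir($root);
```

Run it with `php skin_demo.php`. Only "default" survives the hardened path; the traversal and NUL-byte inputs fail the allowlist pattern, and the unknown skin fails the installed-skin check. The realpath containment test at the end is deliberately redundant with the earlier checks: it is the control that keeps holding if someone later relaxes the name pattern or a symlink appears inside the skin tree.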