===========================================================================
             AUSCERT External Security Bulletin Redistribution

                               ESB-2005.0684
                    Debian Security Advisory DSA 798-1
         New phpgroupware packages fix several vulnerabilities
                              5 September 2005

===========================================================================

        AusCERT Security Bulletin Summary
        ---------------------------------

Product:              phpgroupware
Publisher:            Debian
Operating System:     Debian GNU/Linux 3.1
                      UNIX variants
                      Windows
Impact:               Execute Arbitrary Code/Commands
                      Cross-site Scripting
Access:               Remote/Unauthenticated
CVE Names:            CAN-2005-2761 CAN-2005-2600 CAN-2005-2498

Ref:                  AL-2005.0026

Original Bulletin:
  http://www.debian.org/security/2005/dsa-798

--------------------------BEGIN INCLUDED TEXT--------------------

--------------------------------------------------------------------------
Debian Security Advisory DSA 798-1                     security@debian.org
http://www.debian.org/security/                             Martin Schulze
September 2nd, 2005                     http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : phpgroupware
Vulnerability  : several
Problem-Type   : remote
Debian-specific: no
CVE ID         : CAN-2005-2498 CAN-2005-2600 CAN-2005-2761

Several vulnerabilities have been discovered in phpgroupware, a web
based groupware system written in PHP.  The Common Vulnerabilities and
Exposures project identifies the following problems:

CAN-2005-2498

    Stefan Esser discovered another vulnerability in the XML-RPC
    libraries that allows injection of arbitrary PHP code into eval()
    statements.  The XMLRPC component has been disabled.

CAN-2005-2600

    Alexander Heidenreich discovered a cross-site scripting problem in
    the tree view of FUD Forum Bulletin Board Software, which is also
    present in phpgroupware.

CAN-2005-2761

    A global cross-site scripting fix has also been included that
    protects against potential malicious scripts embedded in CSS and
    xmlns in various parts of the application and modules.

This update also contains a postinst bugfix that has been approved for
the next update to the stable release.

For the old stable distribution (woody) these problems don't apply.

For the stable distribution (sarge) these problems have been fixed in
version 0.9.16.005-3.sarge2.

For the unstable distribution (sid) these problems have been fixed in
version 0.9.16.008.

We recommend that you upgrade your phpgroupware packages.


Upgrade Instructions
--------------------

wget url
        will fetch the file for you
dpkg -i file.deb
        will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
        will update the internal database
apt-get upgrade
        will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.
Debian GNU/Linux 3.1 alias sarge
--------------------------------

  Source archives:

  Architecture independent components:

  These files will probably be moved into the stable distribution on
  its next update.

---------------------------------------------------------------------------------
For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: debian-security-announce@lists.debian.org
Package info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>

--------------------------END INCLUDED TEXT--------------------

You have received this e-mail bulletin as a result of your organisation's
registration with AusCERT. The mailing list you are subscribed to is
maintained within your organisation, so if you do not wish to continue
receiving these bulletins you should contact your local IT manager. If
you do not know who that is, please send an email to
auscert@auscert.org.au and we will forward your request to the
appropriate person.

NOTE: Third Party Rights
This security bulletin is provided as a service to AusCERT's members.  As
AusCERT did not write the document quoted above, AusCERT has had no control
over its content. The decision to follow or act on information or advice
contained in this security bulletin is the responsibility of each user or
organisation, and should be considered in accordance with your organisation's
site policies and procedures. AusCERT takes no responsibility for consequences
which may arise from following or acting on information or advice contained in
this security bulletin.

NOTE: This is only the original release of the security bulletin.  It may
not be updated when updates to the original are made.  If downloading at
a later date, it is recommended that the bulletin is retrieved directly
from the author's website to ensure that the information is still current.

Contact information for the authors of the original document is included
in the Security Bulletin above.  If you have any questions or need further
information, please contact them directly.

Previous advisories and external security bulletins can be retrieved from:

        http://www.auscert.org.au/render.html?cid=1980

If you believe that your computer system has been compromised or attacked in
any way, we encourage you to let us know by completing the secure National IT
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================