
[SECURITY] [DLA 392-1] roundcube security update




Package        : roundcube
Version        : 0.3.1-6+deb6u1
CVE ID         : CVE-2015-8770

High-Tech Bridge Security Research Lab discovered a path traversal vulnerability in the popular webmail client Roundcube. The vulnerability can be exploited to gain access to sensitive information and, under certain circumstances, to execute arbitrary code and fully compromise the vulnerable server.

The vulnerability exists due to insufficient sanitization of the "_skin" HTTP POST parameter in the "/index.php" script when switching between skins of the web application. A remote authenticated attacker can use path traversal sequences (e.g. "../../") to load a new skin from an arbitrary location on the system that is readable by the webserver.
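As an added illustration (not Roundcube's code and not part of this advisory), the following Python model shows the kind of check a skin-switching handler needs: a user-supplied skin name is accepted only if it is a plain identifier and resolves to a directory inside the skins root. The skins tree and the sample "_skin" values are constructed for the example.

```python
import os
import re
import tempfile

# Allowlist: a skin name is a bare identifier, so "/" and ".." cannot occur.
SKIN_NAME_RE = re.compile(r"[A-Za-z0-9_-]+")


def resolve_skin_dir(skins_root, skin):
    """Return the absolute directory for a user-supplied skin name, or None.

    Two independent checks: the name must match the allowlist, and the
    resolved path must still lie under skins_root. The second check also
    catches symlink escapes and is the safety net if the allowlist is
    ever relaxed.
    """
    if not SKIN_NAME_RE.fullmatch(skin):
        return None
    root = os.path.realpath(skins_root)
    candidate = os.path.realpath(os.path.join(root, skin))
    if os.path.commonpath([root, candidate]) != root:
        return None
    if not os.path.isdir(candidate):
        return None
    return candidate


def demo():
    """Build a constructed skins tree in a temp dir and run sample values.

    Returns a mapping from each sample "_skin" value to the accepted skin
    directory name, or None when the value is rejected.
    """
    samples = ["default", "classic", "../../etc", "default/../../etc", "", "nope"]
    with tempfile.TemporaryDirectory() as app_root:
        skins_root = os.path.join(app_root, "skins")
        for name in ("default", "classic"):
            os.makedirs(os.path.join(skins_root, name))
        results = {}
        for value in samples:
            resolved = resolve_skin_dir(skins_root, value)
            results[value] = None if resolved is None else os.path.basename(resolved)
        return results
```

Only the two directories that actually exist under the skins root are accepted; every traversal sequence, the empty value and an unknown name are rejected.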



(sorry for first uploading a package with a wrong version 0.3.1-6+dab6u1)

