[SECURITY] [DLA 869-1] cgiemail security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : cgiemail
Version : 1.6-37+deb7u1
CVE ID : CVE-2017-5613 CVE-2017-5614 CVE-2017-5615 CVE-2017-5616
Debian Bug : 852031
The cPanel Security Team discovered several security vulnerabilities in
cgiemail, a CGI program used to create HTML forms for sending mails:
CVE-2017-5613
A format string injection vulnerability allowed arbitrary format
strings to be supplied to cgiemail and cgiecho. A local attacker with
permission to provide a cgiemail template could use this
vulnerability to execute code as the webserver user.
Format strings in cgiemail templates are now restricted to simple
%s, %U and %H sequences.
CVE-2017-5614
An open redirect vulnerability in the cgiemail and cgiecho binaries
could be exploited by a local attacker to force a redirect to an
arbitrary URL. Redirects are now limited to the domain that
handled the request.
CVE-2017-5615
A vulnerability in the cgiemail and cgiecho binaries allowed injection
of additional HTTP headers. Newline characters are now stripped
from the redirect location to protect against this.
CVE-2017-5616
Missing escaping of the addendum parameter led to a reflected
cross-site scripting (XSS) vulnerability in the cgiemail and cgiecho
binaries. The output is now HTML escaped.
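The four fixes described above, written out as stand-alone C functions so the checks can be read and run in isolation. This is an added example for this advisory, not cgiemail's own code, and it makes a few assumptions not stated above: the function names and the constructed inputs are illustrative; %U and %H are accepted only as the listed sequences (their meaning inside cgiemail is not modelled); the redirect check additionally requires an http or https scheme and ignores the port when comparing hosts; and the HTML escaping covers the five characters that matter in element content and attribute values.

```c
/* Added example, not cgiemail's code: the four mitigations from DLA 869-1
 * as stand-alone checks over constructed inputs. */
#include <stdbool.h>
#include <stdio.h>
#include <string.h>
#include <strings.h>

/* CVE-2017-5613: a template is accepted only if every '%' introduces one of
 * the allowed conversions (%s, %U, %H). %n, %x, %p, width/precision and a
 * trailing '%' are all rejected before the string reaches a printf-style call. */
bool template_format_ok(const char *tmpl)
{
    for (const char *p = tmpl; *p; p++) {
        if (*p != '%')
            continue;
        char c = *++p;                 /* '\0' here (trailing '%') also fails */
        if (c != 's' && c != 'U' && c != 'H')
            return false;
    }
    return true;
}

/* CVE-2017-5614: allow a redirect only to a path on this server or to a URL
 * whose host equals the host that served the request. Scheme-relative
 * "//evil", userinfo tricks ("host@evil", "host:80@evil") and non-http
 * schemes are rejected. Scheme restriction and port handling are assumptions. */
bool redirect_allowed(const char *location, const char *request_host)
{
    const char *sep = strstr(location, "://");
    if (!sep)                                   /* no scheme: relative path only */
        return location[0] == '/' && location[1] != '/';

    size_t slen = (size_t)(sep - location);
    bool http  = slen == 4 && strncasecmp(location, "http", 4) == 0;
    bool https = slen == 5 && strncasecmp(location, "https", 5) == 0;
    if (!http && !https)
        return false;

    const char *auth = sep + 3;                 /* authority: host[:port] */
    size_t alen = strcspn(auth, "/?#");
    if (alen == 0 || memchr(auth, '@', alen) || memchr(auth, '\\', alen))
        return false;

    size_t hlen = 0;                            /* host part, before any ':' */
    while (hlen < alen && auth[hlen] != ':')
        hlen++;
    return strlen(request_host) == hlen && strncasecmp(auth, request_host, hlen) == 0;
}

/* CVE-2017-5615: CR/LF inside a Location value would end the header line and
 * let the attacker append further headers. Copy the value without them.
 * Returns the length written; on insufficient space the output is emptied and 0 returned. */
size_t strip_crlf(const char *in, char *out, size_t outsz)
{
    size_t n = 0;
    for (; *in; in++) {
        if (*in == '\r' || *in == '\n')
            continue;
        if (n + 1 >= outsz) { out[0] = '\0'; return 0; }
        out[n++] = *in;
    }
    out[n] = '\0';
    return n;
}

/* CVE-2017-5616: HTML-escape a reflected parameter before writing it into the
 * page. Returns the length written; on insufficient space the output is emptied and 0 returned. */
size_t html_escape(const char *in, char *out, size_t outsz)
{
    size_t n = 0;
    for (; *in; in++) {
        char one[2] = { *in, '\0' };
        const char *rep;
        switch (*in) {
        case '&':  rep = "&amp;";  break;
        case '<':  rep = "&lt;";   break;
        case '>':  rep = "&gt;";   break;
        case '"':  rep = "&quot;"; break;
        case '\'': rep = "&#39;";  break;
        default:   rep = one;      break;
        }
        size_t rl = strlen(rep);
        if (n + rl + 1 > outsz) { out[0] = '\0'; return 0; }
        memcpy(out + n, rep, rl);
        n += rl;
    }
    out[n] = '\0';
    return n;
}

int main(void)
{
    /* Constructed inputs: one benign and one hostile case per check. */
    char buf[256];
    printf("template %%s/%%U/%%H ok: %d\n", template_format_ok("Name: %s, URL: %U, Host: %H"));
    printf("template with %%n rejected: %d\n", !template_format_ok("Hi %s %n"));
    printf("same-host redirect allowed: %d\n", redirect_allowed("https://EXAMPLE.org/thanks", "example.org"));
    printf("userinfo redirect rejected: %d\n", !redirect_allowed("http://example.org:80@evil.example/", "example.org"));
    strip_crlf("http://example.org/ok\r\nSet-Cookie: x=1", buf, sizeof buf);
    printf("Location after strip: %s\n", buf);
    html_escape("<script>alert('x')</script>", buf, sizeof buf);
    printf("escaped addendum: %s\n", buf);
    return 0;
}
```

Each function is deliberately a pure check or a copy into a caller-supplied buffer, so it can sit in front of the existing output path without changing how the template, redirect or page body is otherwise produced.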
For Debian 7 "Wheezy", these problems have been fixed in version
1.6-37+deb7u1.
We recommend that you upgrade your cgiemail packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
- --
Jonas Meurer
-----BEGIN PGP SIGNATURE-----
-----END PGP SIGNATURE-----