Debian Security Advisory

DSA-2030-1 mahara -- sql injection

Date Reported:
06 Apr 2010
Affected Packages:
mahara
Vulnerable:
Yes
Security database references:
In Mitre's CVE dictionary: CVE-2010-0400.
More information:

It was discovered that mahara, an electronic portfolio, weblog, and resume builder is not properly escaping input when generating a unique username based on a remote user name from a single sign-on application. An attacker can use this to compromise the mahara database via crafted user names.

For the stable distribution (lenny), this problem has been fixed in version 1.0.4-4+lenny5.

For the testing distribution (squeeze), this problem will be fixed soon.

For the unstable distribution (sid), this problem has been fixed in version 1.2.4-1.

We recommend that you upgrade your mahara packages.

Fixed in:

Debian GNU/Linux 5.0 (lenny)

Source:
http://security.debian.org/pool/updates/main/m/mahara/mahara_1.0.4-4+lenny5.diff.gz
http://security.debian.org/pool/updates/main/m/mahara/mahara_1.0.4-4+lenny5.dsc
http://security.debian.org/pool/updates/main/m/mahara/mahara_1.0.4.orig.tar.gz
Architecture-independent component:
http://security.debian.org/pool/updates/main/m/mahara/mahara-apache2_1.0.4-4+lenny5_all.deb
http://security.debian.org/pool/updates/main/m/mahara/mahara_1.0.4-4+lenny5_all.deb

MD5 checksums of the listed files are available in the original advisory.