Raphael Geissert
2008-Nov-02 01:22 UTC
[Secure-testing-team] Bug#504235: CVE-2008-4796: missing input sanitising in embedded copy of Snoopy.class.php
Package: moodle Severity: grave Version: 1.8.2-1.3 Tags: security, patch Hi, The following CVE (Common Vulnerabilities & Exposures) id was published for snoopy, which affects the embedded copy shipped by moodle [0]. CVE-2008-4796[1]:> The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3 > and earlier allows remote attackers to execute arbitrary commands via > shell metacharacters in https URLs. NOTE: some of these details are > obtained from third party information.The patch for Snoopy.class.php can be found at [2]. However, it would be better if moodle just depended on libphp-snoopy (available in lenny) and the include/require calls changed to use the copy provided by that package, to avoid shipping yet another embedded code copy. If you fix the vulnerability please also make sure to include the CVE id in the changelog entry. [0] usr/share/moodle/lib/snoopy/Snoopy.class.inc [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4796 http://security-tracker.debian.net/tracker/CVE-2008-4796 [2] http://klecker.debian.org/~white/libphp-snoopy/CVE-2008-4796.patch Cheers, -- Raphael Geissert - Debian Maintainer www.debian.org - get.debian.net -------------- next part -------------- A non-text attachment was scrubbed... Name: not available Type: application/pgp-signature Size: 197 bytes Desc: This is a digitally signed message part. Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20081101/d1f455c8/attachment.pgp