Raphael Geissert
2008-Nov-02 05:51 UTC
[Secure-testing-team] Bug#504253: CVE-2007-3215: remote shell command execution in class.phpmailer.php
Package: mahara
Severity: grave
Version: 1.0.4-2
Tags: security patch

Hi,

The following CVE (Common Vulnerabilities & Exposures) id was published for PHPMailer, which affects the embedded copy shipped in mahara[0].

CVE-2007-3215[1]:
> PHPMailer 1.7, when configured to use sendmail, allows remote attackers to
> execute arbitrary shell commands via shell metacharacters in the
> SendmailSend function in class.phpmailer.php.

The patch for class.phpmailer.php can be found at [2]. However, it would be better if mahara just depended on libphp-phpmailer (available since etch) and the include/require calls changed to use the copy provided by that package, to avoid shipping yet another embedded code copy.

If you fix the vulnerability please also make sure to include the CVE id in the changelog entry.

[0] usr/share/mahara/lib/phpmailer/class.phpmailer.php
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-3215
    http://security-tracker.debian.net/tracker/CVE-2007-3215
[2] http://sourceforge.net/tracker/index.php?func=detail&aid=1734811&group_id=26031&atid=385707

Cheers,
--
Raphael Geissert - Debian Maintainer
www.debian.org - get.debian.net
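The command-construction pattern that the CVE text describes, shown beside a hardened form, as an added example that is not part of the message above and not PHPMailer's or mahara's own source. The function names, the sample addresses and the use of escapeshellcmd()/escapeshellarg() plus an address validity check are assumptions made for illustration; the real upstream fix is the one linked at [2]. The block only builds the command strings and prints them; nothing is handed to popen().

```php
<?php
// Added example, not PHPMailer's or mahara's code. It models the pattern behind
// CVE-2007-3215: a caller-controlled sender address interpolated into the shell
// command line that popen() spawns for sendmail. Function names and sample
// addresses are assumptions for illustration.

// Vulnerable pattern: the sender is interpolated unquoted, so ';', '|', '`',
// '$(...)' and similar metacharacters are interpreted by /bin/sh, not by sendmail.
function build_sendmail_cmd_vulnerable(string $sendmail, string $sender): string
{
    if ($sender !== '') {
        return sprintf('%s -oi -f %s -t', $sendmail, $sender);
    }
    return sprintf('%s -oi -t', $sendmail);
}

// Hardened pattern: the program path goes through escapeshellcmd() and the sender
// through escapeshellarg(), so the address reaches sendmail as one literal
// argument whatever characters it contains.
function build_sendmail_cmd_hardened(string $sendmail, string $sender): string
{
    if ($sender !== '') {
        return sprintf('%s -oi -f %s -t', escapeshellcmd($sendmail), escapeshellarg($sender));
    }
    return sprintf('%s -oi -t', escapeshellcmd($sendmail));
}

// Defence in depth: refuse anything that is not a plain mailbox before it gets
// near a command line. A valid address never needs shell metacharacters.
function is_safe_sender(string $sender): bool
{
    return $sender === '' || filter_var($sender, FILTER_VALIDATE_EMAIL) !== false;
}

// Constructed sample input: one benign address and one carrying a shell
// metacharacter sequence (constructed for this example, not taken from the advisory).
$samples = [
    'user@example.com',
    'user@example.com; id',
];

foreach ($samples as $sender) {
    echo "Sender:     $sender\n";
    echo "Vulnerable: " . build_sendmail_cmd_vulnerable('/usr/sbin/sendmail', $sender) . "\n";
    echo "Hardened:   " . build_sendmail_cmd_hardened('/usr/sbin/sendmail', $sender) . "\n";
    echo "Validates:  " . (is_safe_sender($sender) ? 'yes' : 'no') . "\n\n";
}
```

For the second sample the vulnerable builder yields a line in which `id` sits after a `;` as a separate shell command, while the hardened builder wraps the whole address in single quotes so sendmail receives it verbatim as the `-f` argument, and the validity check rejects it outright. Packages that bundle their own copy of class.phpmailer.php, as mahara did, need the escaping applied in that copy too, which is the maintenance cost the message above argues against by proposing a dependency on libphp-phpmailer instead.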