[Secure-testing-team] Bug#504235: CVE-2008-4796: missing input sanitising in embedded copy of Snoopy.class.php
Raphael Geissert
atomo64 at gmail.com
Sun Nov 2 01:22:57 UTC 2008
Package: moodle
Severity: grave
Version: 1.8.2-1.3
Tags: security, patch
Hi,
The following CVE (Common Vulnerabilities & Exposures) id was published for
snoopy, which affects the embedded copy shipped by moodle [0].
CVE-2008-4796[1]:
> The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3
> and earlier allows remote attackers to execute arbitrary commands via
> shell metacharacters in https URLs. NOTE: some of these details are
> obtained from third party information.
The patch for Snoopy.class.php can be found at [2]. However, it would be
better if moodle just depended on libphp-snoopy (available in lenny) and the
include/require calls changed to use the copy provided by that package, to
avoid shipping yet another embedded code copy.
If you fix the vulnerability please also make sure to include the CVE id in
the changelog entry.
[0] usr/share/moodle/lib/snoopy/Snoopy.class.inc
[1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2008-4796
http://security-tracker.debian.net/tracker/CVE-2008-4796
[2] http://klecker.debian.org/~white/libphp-snoopy/CVE-2008-4796.patch
Cheers,
--
Raphael Geissert - Debian Maintainer
www.debian.org - get.debian.net
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 197 bytes
Desc: This is a digitally signed message part.
Url : http://lists.alioth.debian.org/pipermail/secure-testing-team/attachments/20081101/d1f455c8/attachment.pgp
More information about the Secure-testing-team
mailing list