Date: Thu, 28 Mar 2013 12:08:18 -0600
From: Kurt Seifried <kseifried@...hat.com>
To: oss-security@...ts.openwall.com
CC: Jan Lieskovsky <jlieskov@...hat.com>,
        "Steven M. Christey" <coley@...us.mitre.org>
Subject: Re: CVE Request -- roundcubemail: Local file inclusion
 via web UI modification of certain config options

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 03/28/2013 08:47 AM, Jan Lieskovsky wrote:
> Hello Kurt, Steve, vendors,
> 
> RoundCube Webmail upstream has released 0.8.6 and 0.7.3 versions to
> correct one security flaw:
> 
> A local file inclusion flaw was found in the way RoundCube Webmail,
> a browser-based multilingual IMAP client, performed validation of
> the 'generic_message_footer' value provided via web user interface
> in certain circumstances. A remote attacker could issue a
> specially-crafted request that, when processed by RoundCube Webmail,
> could allow an attacker to obtain an arbitrary file on the system,
> accessible with the privileges of the user running RoundCube
> Webmail client.
> 
> References:
> [1] https://bugzilla.redhat.com/show_bug.cgi?id=928835
> [2] http://sourceforge.net/news/?group_id=139281&id=310497
> [3] http://lists.roundcube.net/pipermail/dev/2013-March/022328.html
> [4] https://bugs.gentoo.org/show_bug.cgi?id=463554
> 
> Upstream patches:
> [5] http://ow.ly/jtQD0
> [6] http://ow.ly/jtQHM
> [7] http://ow.ly/jtQK0
> [8] http://ow.ly/jtQNd
> 
> Could you allocate a CVE id for this?

Please use CVE-2013-1904 for this issue.

> Thank you && Regards, Jan.
> --
> Jan iankko Lieskovsky / Red Hat Security Response Team
> 


- -- 
Kurt Seifried Red Hat Security Response Team (SRT)
PGP: 0x5E267993 A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993

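As an added illustration (not code from RoundCube, the patches linked above, or either poster), the defensive pattern a flaw of this kind calls for: preferences submitted through the web UI are never allowed to override config keys that name a file on the server, and the footer file is read only if its path resolves inside a designated directory. The protected-key list, directory layout and function names are assumptions for the example, not RoundCube's own.

```python
import os
import tempfile

# Config keys that may only come from the server-side config file, never from
# a per-user preference submitted through the web UI (assumed list; the
# advisory names only generic_message_footer).
DONT_OVERRIDE = {"generic_message_footer", "generic_message_footer_html"}


def merge_user_prefs(server_config, submitted_prefs):
    """Server config plus submitted prefs, with protected keys dropped.
    Returns (effective_config, rejected_keys)."""
    rejected = sorted(k for k in submitted_prefs if k in DONT_OVERRIDE)
    effective = dict(server_config)
    effective.update({k: v for k, v in submitted_prefs.items()
                      if k not in DONT_OVERRIDE})
    return effective, rejected


def is_confined(footer_path, allowed_dir):
    """True only if footer_path resolves to a location inside allowed_dir.
    join() discards allowed_dir for absolute paths and realpath() collapses
    "..", so absolute paths and traversal both fail the prefix check."""
    base = os.path.realpath(allowed_dir)
    target = os.path.realpath(os.path.join(base, footer_path))
    return os.path.commonpath([base, target]) == base


def load_footer(footer_path, allowed_dir):
    """Read the footer only when it is confined; None otherwise."""
    if not footer_path or not is_confined(footer_path, allowed_dir):
        return None
    try:
        with open(os.path.join(allowed_dir, footer_path), encoding="utf-8") as fh:
            return fh.read()
    except OSError:
        return None


def demo():
    """Constructed scenario: one legitimate footer file in a temp directory,
    and a preferences request that tries to override the footer path."""
    footer_dir = tempfile.mkdtemp()
    with open(os.path.join(footer_dir, "footer.txt"), "w", encoding="utf-8") as fh:
        fh.write("-- sent with webmail\n")
    server_config = {"generic_message_footer": "footer.txt"}
    submitted = {"timezone": "UTC", "generic_message_footer": "../outside.txt"}
    effective, rejected = merge_user_prefs(server_config, submitted)
    return rejected, load_footer(effective["generic_message_footer"], footer_dir)
```

The rejected-key list is what a deployment would want to log, since a preferences request carrying a protected key is itself a useful detection signal.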