OSVDB ID: 62805

Title: eGroupWare spellchecker.php Multiple Parameter Arbitrary Shell Command Execution

Info

Disclosure

Mar 09, 2010

Discovery

Unknown

Dates

Exploit

Unknown

Solution

Mar 09, 2010

Description

eGroupWare contains a flaw that may allow a remote attacker to execute arbitrary shell commands. The issue is due to the 'spellchecker.php' script not properly sanitizing user-supplied input to the 'spellchecker_lang' and 'aspell_path' parameters. This may allow an attacker to execute arbitrary shell commands.

Classification

Location: Remote / Network Access
Attack Type: Input Manipulation
Impact: Loss of Integrity
Solution: Upgrade
Disclosure: Vendor Verified
OSVDB: Web Related

Solution

Upgrade to version 1.6.003 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Products

Unknown or Incomplete

References

Exploit Database: 11777
CVE ID: 2010-3313 (see also: NVD)
Secunia Advisory ID: 38859 38924
Related OSVDB ID: 62804
Vendor Specific News/Changelog Entry: http://lists.debian.org/debian-security-announce/2010/msg00053.html
http://www.egroupware.org/changelog
http://www.egroupware.org/news?category_id=95&item=93
Other Advisory URL: http://www.debian.org/security/2010/dsa-2013
http://www.openwall.com/lists/oss-security/2010/09/21/7

Credit

Unknown or Incomplete

Direct URL: http://osvdb.org/62805