PHProjekt: Remote code execution vulnerability — GLSA 200412-27

PHProjekt contains a vulnerability that allows a remote attacker to execute arbitrary PHP code.

Affected Packages

www-apps/phprojekt on all architectures
Affected versions < 4.2-r2
Unaffected versions >= 4.2-r2

Background

PHProjekt is a modular groupware web application used to coordinate group activities and share files.

Description

cYon discovered that the authform.inc.php script allows a remote user to define the global variable $path_pre.

Impact

A remote attacker can exploit this vulnerability to force authform.inc.php to download and execute arbitrary PHP code with the privileges of the web server user.

Workaround

There is no known workaround at this time.

Resolution

All PHProjekt users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=www-apps/phprojekt-4.2-r2"

References

Release Date
December 30, 2004

Latest Revision
December 30, 2004: 01

Severity
high

Exploitable
remote

Bugzilla entries