Multiple vulnerabilities have been discovered in phpCollab allowing for remote injection of shell commands, PHP code and SQL statements.
Package | www-apps/phpcollab on all architectures |
---|---|
Affected versions | <= 2.5_rc3 |
Unaffected versions |
phpCollab is a web-enabled groupware and project management software written in PHP. It uses SQL-based database backends.
Multiple vulnerabilities have been found in phpCollab:
These vulnerabilities enable remote attackers to execute arbitrary SQL statements and PHP code. NOTE: Some of the SQL injection vulnerabilities require the php.ini option "magic_quotes_gpc" to be disabled. Furthermore, an attacker might be able to execute arbitrary shell commands if "register_globals" is enabled, "magic_quotes_gpc" is disabled, the PHP OpenSSL extension is not installed or loaded and the file "installation/setup.php" has not been deleted after installation.
There is no known workaround at this time.
phpCollab has been removed from the Portage tree. We recommend that users unmerge phpCollab:
# emerge --unmerge "www-apps/phpcollab"
Release date
December 21, 2008
Latest revision
December 21, 2008: 01
Severity
high
Exploitable
remote
Bugzilla entries