RoundCube: Security bypass — GLSA 201707-11

A vulnerability in RoundCube may allow authenticated users to bypass security restrictions.

Affected Packages

mail-client/roundcube on all architectures
Affected versions < 1.2.5
Unaffected versions >= 1.2.5

Background

Free and open source webmail software for the masses, written in PHP.

Description

Authenticated users can arbitrarily reset passwords due to a problem caused by an improperly restricted exec call in the virtualmin and sasl drivers of the password plugin.

Impact

Authenticated users can bypass security restrictions and elevate privileges.

Workaround

There is no known workaround at this time.

Resolution

All RoundCube users should upgrade to the latest version:

 # emerge --sync
 # emerge --ask --oneshot --verbose ">=mail-client/roundcube-1.2.5"
 

References

Release Date
July 08, 2017

Latest Revision
July 08, 2017: 1

Severity
normal

Exploitable
remote

Bugzilla entries