VRDA Feed by JPCERT/CC
  Vulnerability Response Decision Assistance Feed : Information for vulnerability impact analysis



 
Vulnerability Analysis Result (Revision No : 1)
CVE-2010-3692
phpcas: Directory traversal vulnerability in the callback f...
http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-3692

Original

Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter.
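The shape of the flaw and of a fix, as an added illustration that is not phpCAS's own source: in proxy mode the CAS server calls the client's callback URL with pgtIou and pgtId, and the client persists the PGT to a file named after the PGTiou inside a storage directory. Because the PGTiou arrives as a request parameter, a value containing "../" sequences makes the write land outside that directory. The storage directory, ticket values and function names below are constructed for the example; the PGTIOU- format check and the symlink refusal are assumptions about what a safe callback should do, not a claim about the exact patch in 1.1.3.

```php
<?php
// Added illustrative example; not code from phpCAS. It models the file-backed
// PGT store the advisory describes: <storage dir>/<pgtIou> receives the PGT
// sent by the CAS server to the proxy callback. All values are constructed.

declare(strict_types=1);

// Vulnerable shape (pre-1.1.3 behaviour): the attacker-supplied PGTiou is
// joined straight onto the storage directory, so "../" escapes it.
function storePgtVulnerable(string $storageDir, string $pgtIou, string $pgt): string
{
    $path = $storageDir . '/' . $pgtIou;
    file_put_contents($path, $pgt);
    return $path;
}

// Hardened shape: whitelist the ticket syntax, confirm the resolved path still
// lives in the storage directory, and refuse to write through a planted symlink.
function storePgtHardened(string $storageDir, string $pgtIou, string $pgt): string
{
    // CAS ticket identifiers are "PGTIOU-" followed by an opaque token. Anything
    // else, including any "/" or "\", is rejected before touching the filesystem.
    if (!preg_match('/^PGTIOU-[\.\-\w]+$/', $pgtIou)) {
        throw new InvalidArgumentException('PGTiou format invalid: ' . $pgtIou);
    }
    $base = realpath($storageDir);
    if ($base === false || !is_dir($base)) {
        throw new RuntimeException('PGT storage directory is not usable');
    }
    $path = $base . DIRECTORY_SEPARATOR . $pgtIou;
    // Containment check (defence in depth; the regex already forbids separators):
    // the parent of the target must be the storage directory itself.
    if (dirname($path) !== $base) {
        throw new RuntimeException('PGT path escapes storage directory');
    }
    // The oss-security thread also lists symlink attacks: do not follow a link an
    // attacker pre-planted under a guessable PGTiou name.
    if (is_link($path)) {
        throw new RuntimeException('refusing to write through a symlink');
    }
    if (file_put_contents($path, $pgt, LOCK_EX) === false) {
        throw new RuntimeException('could not persist PGT');
    }
    return $path;
}

// Demonstration with constructed values.
$storage = sys_get_temp_dir() . '/phpcas-pgt-demo-' . getmypid();
mkdir($storage, 0700);
$legit = 'PGTIOU-84678-cF7WlbsTBUv4fbwqI7hnhT2H2EoXRl2'; // constructed ticket id
$evil  = '../phpcas-traversal-escaped-' . getmypid();    // constructed attack value

// Vulnerable: the "ticket" is written one level above the storage directory
// (a real attacker would aim at any path the web server user can write).
$escaped = storePgtVulnerable($storage, $evil, 'PGT-attacker-controlled');
echo 'vulnerable wrote: ', realpath($escaped), PHP_EOL;

// Hardened: the legitimate ticket is stored, the traversal attempt is rejected.
echo 'hardened wrote: ', storePgtHardened($storage, $legit, 'PGT-12345-abc'), PHP_EOL;
try {
    storePgtHardened($storage, $evil, 'PGT-attacker-controlled');
} catch (InvalidArgumentException $e) {
    echo 'hardened rejected: ', $e->getMessage(), PHP_EOL;
}

// Clean up the demo files.
unlink($escaped);
unlink($storage . '/' . $legit);
rmdir($storage);
```

The format check is the decisive control: once the PGTiou must match a fixed ticket syntax it can no longer carry path separators, and the realpath containment and symlink checks only guard against a future regression or a storage path that is itself attacker-influenced.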






About This Analysis Information
Analysis Information Provider: NIST NVD
First Published: 2010-10-07
Source Information Category: Advisory, Alert
Last Updated: 2010-10-08




Affected Product Tags
cpe:/a:jasig:phpcas:0.2
cpe:/a:jasig:phpcas:0.3
cpe:/a:jasig:phpcas:0.3.1
cpe:/a:jasig:phpcas:0.3.2
cpe:/a:jasig:phpcas:0.4
cpe:/a:jasig:phpcas:0.4.1
cpe:/a:jasig:phpcas:0.4.10
cpe:/a:jasig:phpcas:0.4.11
cpe:/a:jasig:phpcas:0.4.12
cpe:/a:jasig:phpcas:0.4.13
cpe:/a:jasig:phpcas:0.4.14
cpe:/a:jasig:phpcas:0.4.15
cpe:/a:jasig:phpcas:0.4.16
cpe:/a:jasig:phpcas:0.4.17
cpe:/a:jasig:phpcas:0.4.18
cpe:/a:jasig:phpcas:0.4.19
cpe:/a:jasig:phpcas:0.4.20
cpe:/a:jasig:phpcas:0.4.21
cpe:/a:jasig:phpcas:0.4.22
cpe:/a:jasig:phpcas:0.4.23
cpe:/a:jasig:phpcas:0.4.8
cpe:/a:jasig:phpcas:0.4.9
cpe:/a:jasig:phpcas:0.5.0
cpe:/a:jasig:phpcas:0.5.1
cpe:/a:jasig:phpcas:0.6.0
cpe:/a:jasig:phpcas:1.0.0
cpe:/a:jasig:phpcas:1.0.1
cpe:/a:jasig:phpcas:1.1.0
cpe:/a:jasig:phpcas:1.1.1
cpe:/a:jasig:phpcas:1.1.2 and previous versions
 


Vulnerability Analysis Results (CVSS v2 base metrics; the selected value is shown for each)
[Access Vector]  Network
[Access Complexity]  Low
[Authentication]  None
[Confidentiality Impact]  None
[Integrity Impact]  Partial
[Availability Impact]  Partial

Equivalent CVSS v2 vector: AV:N/AC:L/Au:N/C:N/I:P/A:P (base score 6.4). The rating reflects that the callback is reachable unauthenticated over the network and that the traversal lets an attacker create or overwrite files, affecting integrity and availability but not confidentiality.


References
CONFIRM  https://issues.jasig.org/browse/PHPCAS-80
CONFIRM  https://developer.jasig.org/source/changelog/jasigsvn?cs=21538
CONFIRM  http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82
MLIST    [oss-security] 20101001 Re: CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback
MLIST    [oss-security] 20100929 CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback

Vulnerability Type: Path Traversal (CWE-22)





Copyright © 2010 JPCERT/CC All Rights Reserved.