Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
debianDebianDEBIAN:DSA-1520-1:EF173
HistoryMar 16, 2008 - 11:36 a.m.

[SECURITY] [DSA 1520-1] New smarty packages fix arbitrary code execution

2008-03-1611:36:42
lists.debian.org
12

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.3

Confidence

Low

EPSS

0.019

Percentile

88.8%

JSON

Debian Security Advisory DSA-1520-1 [email protected]
http://www.debian.org/security/ Thijs Kinkhorst
March 16, 2008 http://www.debian.org/security/faq

Package : smarty
Vulnerability : insufficient input sanitising
Problem type : remote
Debian-specific: no
CVE Id(s) : CVE-2008-1066
Debian Bug : 469492

It was discovered that the regex module in Smarty, a PHP templating engine,
allows attackers to call arbitrary PHP functions via templates using the
regex_replace plugin by a specially crafted search string.

For the stable distribution (etch), this problem has been fixed in version
2.6.14-1etch1.

For the old stable distribution (sarge), this problem has been fixed in
version 2.6.9-1sarge1.

For the unstable distribution (sid), this problem has been fixed in version
2.6.18-1.1.

We recommend that you upgrade your smarty package.

Upgrade instructions

wget url
will fetch the file for you
dpkg -i file.deb
will install the referenced file.

If you are using the apt-get package manager, use the line for
sources.list as given below:

apt-get update
will update the internal database
apt-get upgrade
will install corrected packages

You may use an automated update by adding the resources from the
footer to the proper configuration.

Debian GNU/Linux 3.1 alias sarge

Source archives:

http://security.debian.org/pool/updates/main/s/smarty/smarty_2.6.9-1sarge1.dsc
Size/MD5 checksum: 870 3c1955d0151a53532dab661fb9a9b7b3
http://security.debian.org/pool/updates/main/s/smarty/smarty_2.6.9.orig.tar.gz
Size/MD5 checksum: 141694 4ee0048de6a9b35f1b11b458493327f2
http://security.debian.org/pool/updates/main/s/smarty/smarty_2.6.9-1sarge1.diff.gz
Size/MD5 checksum: 3502 b1835fb9b611eb5ef3f26f23c21fbdbb

Architecture independent packages:

http://security.debian.org/pool/updates/main/s/smarty/smarty_2.6.9-1sarge1_all.deb
Size/MD5 checksum: 177048 39408bb8ec42a25956990f2e81bd2d7e

Debian GNU/Linux 4.0 alias etch

Source archives:

http://security.debian.org/pool/updates/main/s/smarty/smarty_2.6.14-1etch1.dsc
Size/MD5 checksum: 950 fa71b68819fe520b5616eec683276fdf
http://security.debian.org/pool/updates/main/s/smarty/smarty_2.6.14.orig.tar.gz
Size/MD5 checksum: 144986 9186796ddbc29191306338dea9d632a0
http://security.debian.org/pool/updates/main/s/smarty/smarty_2.6.14-1etch1.diff.gz
Size/MD5 checksum: 3814 8544db24358f72e091898f45c9fbc961

Architecture independent packages:

http://security.debian.org/pool/updates/main/s/smarty/smarty_2.6.14-1etch1_all.deb
Size/MD5 checksum: 184654 d2c9b4a558a052ab1c96bbdadfedafa5

These files will probably be moved into the stable distribution on
its next update.

For apt-get: deb http://security.debian.org/ stable/updates main
For dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main
Mailing list: [email protected]
Package info: `apt-cache show <pkg>' and http://packages.debian.org/&lt;pkg&gt;

OSVersionArchitecturePackageVersionFilename
Debian4allsmarty< 2.6.14-1etch1smarty_2.6.14-1etch1_all.deb
Debian3.1allsmarty< 2.6.9-1sarge1smarty_2.6.9-1sarge1_all.deb

Related

fedora 3
openvas 12
nessus 7
securityvulns 3
altlinux 2
prion 1
ubuntucve 1
gentoo 2
cvelist 1
nvd 1
cve 1
redhatcve 1
fedora
fedora
[SECURITY] Fedora 8 Update: gallery2-2.2.4-3.fc8
2008-04-17 03:53:35
[SECURITY] Fedora 8 Update: php-pear-PhpDocumentor-1.4.1-2.fc8
2008-03-26 17:10:33
[SECURITY] Fedora 7 Update: gallery2-2.2.4-3.fc7
2008-04-17 03:57:05
openvas
openvas
Fedora Update for gallery2 FEDORA-2008-2587
2009-02-16 00:00:00
Fedora Update for php-pear-PhpDocumentor FEDORA-2008-2656
2009-02-16 00:00:00
Fedora Update for gallery2 FEDORA-2008-2650
2009-02-16 00:00:00
nessus
nessus
Debian DSA-1520-1 : smarty - insufficient input sanitising
2008-03-17 00:00:00
GLSA-201111-04 : phpDocumentor: Function call injection
2011-11-14 00:00:00
Fedora 8 : php-pear-PhpDocumentor-1.4.1-2.fc8 (2008-2656)
2008-03-28 00:00:00
securityvulns
securityvulns
[SECURITY] [DSA 1520-1] New smarty packages fix arbitrary code execution
2008-03-17 00:00:00
[ GLSA 201111-04 ] phpDocumentor: Function call injection
2011-11-21 00:00:00
Daily web applications security vulnerabilities summary &#40;PHP, ASP, JSP, CGI, Perl&#41;
2008-03-17 00:00:00
altlinux
altlinux
Security fix for the ALT Linux 6 package smarty version 2.6.19-alt1
2008-03-12 00:00:00
Security fix for the ALT Linux 7 package smarty version 2.6.19-alt1
2008-03-12 00:00:00
prion
prion
Spoofing
2008-02-28 20:44:00
ubuntucve
ubuntucve
CVE-2008-1066
2008-02-28 00:00:00
gentoo
gentoo
phpDocumentor: Function call injection
2011-11-11 00:00:00
Smarty: Multiple vulnerabilities
2010-06-02 00:00:00
cvelist
cvelist
CVE-2008-1066
2008-02-28 20:00:00
nvd
nvd
CVE-2008-1066
2008-02-28 20:44:00
cve
cve
CVE-2008-1066
2008-02-28 20:44:00
redhatcve
redhatcve
CVE-2008-1066
2019-10-04 21:51:22

CVSS2

7.5

Attack Vector

NETWORK

Attack Complexity

LOW

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

AI Score

6.3

Confidence

Low

EPSS

0.019

Percentile

88.8%

JSON
Related for DEBIAN:DSA-1520-1:EF173
fedora3openvas12nessus7securityvulns3altlinux2prion1ubuntucve1gentoo2cvelist1nvd1cve1redhatcve1