Your message dated Thu, 28 Feb 2008 07:52:17 +0000
with message-id <[EMAIL PROTECTED]>
and subject line Bug#466449: fixed in sword 1.5.7-7sarge1
has caused the Debian Bug report #466449,
regarding diatheke: Diatheke allows arbitrary command execution using the range parameter
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [EMAIL PROTECTED]
immediately.)
--
466449: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=466449
Debian Bug Tracking System
Contact [EMAIL PROTECTED] with problems
--- Begin Message ---
Package: diatheke
Severity: critical
Tags: security
Justification: root security hole
The Diatheke CGI allows arbitrary command execution in the context of
the webserver, e.g. www-data by simply abusing the range parameter.
For example, &range=`yes` will consume tons of resources on the affected
webserver. Escalation of privileges and command shells are left as an
exercise to the reader.
-- System Information:
Debian Release: lenny/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh
Versions of packages diatheke depends on:
ii libc6 2.7-8 GNU C Library: Shared libraries
ii libcomerr2 1.40.6-1 common error description library
ii libgcc1 1:4.3-20080202-1 GCC support library
ii libkrb53 1.6.dfsg.3~beta1-2 MIT Kerberos runtime libraries
ii libldap-2.4-2 2.4.7-5 OpenLDAP libraries
ii libstdc++6 4.3-20080202-1 The GNU Standard C++ Library v3
ii libsword6 1.5.9-7.1 API/library for bible software
ii zlib1g 1:1.2.3.3.dfsg-11 compression library - runtime
Versions of packages diatheke recommends:
ii apache2 2.2.8-1 Next generation, scalable, extenda
ii apache2-mpm-prefork [httpd] 2.2.8-1 Traditional model for Apache HTTPD
--- End Message ---
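The injection pattern the report describes (a CGI handing the user-controlled range parameter to a shell, so that backticks in it are executed as a command), as an added example that is not diatheke's code and not the maintainer-supplied patch, which this page does not reproduce. It is written in Python rather than the Perl of diatheke.pl so it runs as-is; `echo` stands in for the real lookup binary, the `lookup` subcommand and the allowlist regex are assumptions, and the payload is constructed. The `yes` payload from the report is deliberately not run, since it would never return.

```python
import re
import subprocess

# Constructed stand-in for the lookup program a CGI front-end would call.
# The real diatheke.pl wraps the `diatheke` binary; `echo` is used here so
# the example runs offline and shows exactly which arguments arrived.
LOOKUP_CMD = "echo"

# Assumed allowlist for a Bible reference (book name, chapter:verse, ranges),
# e.g. "John 3:16-18".  Not taken from the fix shipped in 1.5.7-7sarge1.
_RANGE_RE = re.compile(r"^[A-Za-z0-9 .:,;-]{1,64}$")


def lookup_unsafe(range_param: str) -> str:
    """Vulnerable pattern: interpolate the request parameter into a command
    string and let /bin/sh parse it.  Backticks, $(...), ';', '|' and '&'
    in the parameter are interpreted by the shell, not passed through."""
    cmd = f"{LOOKUP_CMD} lookup {range_param}"
    out = subprocess.run(cmd, shell=True, capture_output=True, text=True)
    return out.stdout.strip()


def lookup_argv_only(range_param: str) -> str:
    """Argv form without validation: metacharacters reach the program as
    literal bytes and are never executed, though the program still has to
    cope with garbage input."""
    out = subprocess.run([LOOKUP_CMD, "lookup", range_param],
                         capture_output=True, text=True)
    return out.stdout.strip()


def is_valid_range(range_param: str) -> bool:
    """Allowlist check: only characters a reference can legitimately contain."""
    return _RANGE_RE.fullmatch(range_param) is not None


def lookup_safe(range_param: str) -> str:
    """Hardened pattern: reject anything outside the allowlist, then pass the
    value as its own argv element so no shell ever sees it."""
    if not is_valid_range(range_param):
        raise ValueError(f"rejected range parameter: {range_param!r}")
    out = subprocess.run([LOOKUP_CMD, "lookup", range_param],
                         capture_output=True, text=True)
    return out.stdout.strip()


if __name__ == "__main__":
    payload = "`echo INJECTED`"   # constructed; the report used `yes`
    print("unsafe:", lookup_unsafe("John 3:16"))
    print("unsafe:", lookup_unsafe(payload))      # the shell ran the backticks
    print("argv  :", lookup_argv_only(payload))   # literal text, nothing executed
    print("valid :", is_valid_range(payload))     # False: rejected before any exec
    print("safe  :", lookup_safe("John 3:16-18"))
```

Either measure alone closes the hole shown here, but they fail differently: the argv form stops the shell from parsing the value yet still forwards junk to the lookup program, while the allowlist stops junk but only if every call site remembers to use it, so the hardened path does both. The Perl equivalents are the list forms of `system` and `exec` (or three-argument `open`) instead of a single interpolated string, with taint mode (`perl -T`) to make forgotten validation a runtime error rather than a silent bug.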
--- Begin Message ---
Source: sword
Source-Version: 1.5.7-7sarge1
We believe that the bug you reported is fixed in the latest version of
sword, which is due to be installed in the Debian FTP archive:
diatheke_1.5.7-7sarge1_i386.deb
to pool/main/s/sword/diatheke_1.5.7-7sarge1_i386.deb
libsword-dev_1.5.7-7sarge1_i386.deb
to pool/main/s/sword/libsword-dev_1.5.7-7sarge1_i386.deb
libsword4_1.5.7-7sarge1_i386.deb
to pool/main/s/sword/libsword4_1.5.7-7sarge1_i386.deb
sword_1.5.7-7sarge1.diff.gz
to pool/main/s/sword/sword_1.5.7-7sarge1.diff.gz
sword_1.5.7-7sarge1.dsc
to pool/main/s/sword/sword_1.5.7-7sarge1.dsc
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thijs Kinkhorst <[EMAIL PROTECTED]> (supplier of updated sword package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Format: 1.7
Date: Thu, 21 Feb 2008 23:45:32 +0100
Source: sword
Binary: libsword4 libsword-dev diatheke
Architecture: source i386
Version: 1.5.7-7sarge1
Distribution: oldstable-security
Urgency: high
Maintainer: Daniel Glassey <[EMAIL PROTECTED]>
Changed-By: Thijs Kinkhorst <[EMAIL PROTECTED]>
Description:
diatheke - CGI script for making bible website
libsword-dev - Development files for libsword
libsword4 - API/library for bible software
Closes: 466449
Changes:
sword (1.5.7-7sarge1) oldstable-security; urgency=high
.
* Non-maintainer upload by the security team.
* Fix remote command execution in diatheke.pl (Closes: #466449)
with maintainer-supplied patch.
Files:
4f7872250c457ac36f0b20b4be235647 938 libs optional sword_1.5.7-7sarge1.dsc
369f09068839c646aeab691c63a40d67 1482711 libs optional sword_1.5.7.orig.tar.gz
f8993cddacdac25ca55b7e99ced8ff49 277640 libs optional sword_1.5.7-7sarge1.diff.gz
4dabb05ea1d6b72ba61e8877cbad1544 388072 libs optional libsword4_1.5.7-7sarge1_i386.deb
f04d2f9bc41e5703967630adf4e12754 556994 libdevel optional libsword-dev_1.5.7-7sarge1_i386.deb
665ce388ee9a74a0d850007beae3051a 58108 web optional diatheke_1.5.7-7sarge1_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)
iQEVAwUBR74IYWz0hbPcukPfAQJSPwf9FGg4WMaBQurWVna+xkNHblnqh49TNoww
0J2Zk7rWLIyUudLfTh/x6IB4OtsExY3gBZwi/Dxlh7OTUU0rVwJKAbfkEwcFgltS
4sLEdOX1OQXA4BcgDjn6/MLNf8EF64KmRfaFWX8jgERU0AsNsfLYRYGdk3qDQzXA
mDpBcegA0qwsgyv8bNG7EWNacimnnRNdGFe2Gx3Lxcij9414TwtxAMShHEfks/t+
kf6V3+NLkjYcxWoAn9WPcrnL6VG6DFOojB3xB2fZHy8BBGD6TINm6/1rmzuxwBwI
FWvC3Ljp1I20bSwj5kGCX/aIvQ/G0bnD0SsnmdRuv8C5mvNVN75CNA==
=iCgh
-----END PGP SIGNATURE-----
--- End Message ---