*** This bug is a security vulnerability ***
You have been subscribed to a public security bug by Jamie Strandboge
(jdstrand):
Binary package hint: mahara
Mahara has an embedded copy of Snoopy which is vulnerable to this:
CVE-2008-4796[0]:
| The _httpsrequest function (Snoopy/Snoopy.class.php) in Snoopy 1.2.3
| and earlier allows remote attackers to execute arbitrary commands via
| shell metacharacters in https URLs. NOTE: some of these details are
| obtained from third party information.
** Affects: mahara (Ubuntu)
Importance: Undecided
Status: New
** Affects: debian
Importance: Unknown
Status: Unknown
--
CVE-2008-4796: missing input sanitising in Snoopy.class.php
https://bugs.launchpad.net/bugs/293004
You received this bug notification because you are a member of Ubuntu Bugs,
which is a direct subscriber.
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
