Related information

Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)

[SECURITY] [DSA 1824-1] New phpmyadmin packages fix several vulnerabilities

SQL INJECTION VULNERABILITY --AlumniServer v-1.0.1-->

(POST var 'resetpwemail' ) BLIND SQL INJECTION EXPLOIT --AlumniServer v-1.0.1-->

From:	UBUNTU
Date:	25.06.2009
Subject:	[USN-791-3] Smarty vulnerability

===========================================================
Ubuntu Security Notice USN-791-3              June 24, 2009
smarty vulnerability
CVE-2009-1669
===========================================================

A security issue affects the following Ubuntu releases:

Ubuntu 9.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.04:
 smarty                          2.6.22-1ubuntu1.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that Smarty did not correctly filter certain math
inputs.  A remote attacker using Smarty via a web service could exploit
this to execute subsets of shell commands as the web server user.


Updated packages for Ubuntu 9.04:

 Source archives:

   http://security.ubuntu.com/ubuntu/pool/main/s/smarty/smarty_2.6.22-1ubuntu1.1.
diff.gz
     Size/MD5:     5384 cddf82ac12a8bf55573d7382cbbb3609
   http://security.ubuntu.com/ubuntu/pool/main/s/smarty/smarty_2.6.22-1ubuntu1.1.
dsc
     Size/MD5:     1220 b96705a4b32e7e7e0965a71986f908b8
   http://security.ubuntu.com/ubuntu/pool/main/s/smarty/smarty_2.6.22.orig.tar.gz

     Size/MD5:   158529 a6e1d94453104c42374901da5139744c

 Architecture independent packages:

   http://security.ubuntu.com/ubuntu/pool/main/s/smarty/smarty_2.6.22-1ubuntu1.1_
all.deb
     Size/MD5:   204018 7ed9dc3ba0843ff6b2acf57f94ee31c3