JVN#95589314: Joruri Gw vulnerable to arbitrary file upload
2018-04-26T00:00:00
ID: JVN:95589314 | Type: jvn | Reporter: Japan Vulnerability Notes | Modified: 2018-04-26
## Description
Joruri Gw, provided by SiteBridge Inc., is groupware that runs on Ruby on Rails. Joruri Gw contains a vulnerability that may allow an attacker to upload arbitrary files ([CWE-434](https://cwe.mitre.org/data/definitions/434.html)).
## Impact
A user may upload arbitrary files.
When PHP code execution is enabled on the server, a user may execute arbitrary PHP code by uploading PHP files.
## Solution
**Disable Unnecessary Functions from the System**
Disable PHP code execution on the server if it is not necessary.
Configure the server with only the necessary functions.
**Change Server Settings**
If PHP code execution features are required, configure the server so that uploaded PHP files cannot be executed. The [installation manual](https://github.com/joruri/joruri-gw/blob/master/doc/INSTALL.txt) of Joruri Gw Ver.2.3.1 and later contains the following (example configuration for Apache httpd):
```apache
# Insert the following when PHP execution feature is enabled on the server.
<Directory "/var/share/jorurigw/public">
    php_admin_flag engine off
</Directory>
```
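The Apache directive above stops the server from executing PHP files that land in the public directory, but the application's upload handler should refuse such files in the first place. The module below is an added example for a Rails-style app, not Joruri Gw's own code; the allowed extension list, the magic-byte table and the server-generated storage name are assumptions.

```ruby
# Added example (not Joruri Gw's code): server-side upload validation that
# mitigates CWE-434 independently of the web server configuration.
require "securerandom"

module UploadPolicy
  # Extensions the application legitimately needs (assumed list).
  ALLOWED_EXTENSIONS = %w[pdf png jpg jpeg gif txt csv docx xlsx].freeze

  # Extensions a misconfigured server might execute. They are rejected anywhere
  # in the name, so "report.php.jpg" is refused as well as "shell.php".
  EXECUTABLE_EXTENSIONS = %w[php phtml php3 php4 php5 phps phar cgi pl sh rb erb].freeze

  # Leading bytes used to confirm that the content matches the claimed type.
  MAGIC = {
    "png"  => "\x89PNG\r\n\x1a\n".b,
    "jpg"  => "\xFF\xD8\xFF".b,
    "jpeg" => "\xFF\xD8\xFF".b,
    "gif"  => "GIF8".b,
    "pdf"  => "%PDF".b
  }.freeze

  # Returns [true, storage_name] when the upload is acceptable,
  # otherwise [false, reason].
  def self.check(original_name, first_bytes)
    # Keep only the last path component, whichever separator the client used.
    name = original_name.to_s.split(/[\\\/]/).last.to_s
    return [false, "hidden or empty filename"] if name.empty? || name.start_with?(".")

    parts = name.downcase.split(".")
    return [false, "no extension"] if parts.size < 2

    exts = parts[1..]
    bad = exts & EXECUTABLE_EXTENSIONS
    return [false, "executable extension: #{bad.first}"] unless bad.empty?
    # One extension only; "a.b.pdf" is refused rather than guessed at.
    return [false, "multiple extensions"] if exts.size > 1

    ext = exts.first
    return [false, "extension not allowed: #{ext}"] unless ALLOWED_EXTENSIONS.include?(ext)

    sig = MAGIC[ext]
    return [false, "content does not match .#{ext}"] if sig && !first_bytes.to_s.b.start_with?(sig)

    # Store under a server-generated name; the client's name never reaches disk.
    [true, "#{SecureRandom.hex(16)}.#{ext}"]
  end
end
```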
## Products Affected
* Joruri Gw Ver 3.2.0 and earlier
## Related
CVE-2018-0568 (NVD, published 2018-05-14): "Unrestricted file upload vulnerability in SiteBridge Inc. Joruri Gw Ver 3.2.0 and earlier allows remote authenticated users to execute arbitrary PHP code via unspecified vectors." CVSS 6.5 (AV:N/AC:L/Au:S/C:P/I:P/A:P).