PhpGroupWare unspecified remote file include vulnerability
2005-11-03T00:00:00
ID OPENVAS:136141256231014294 Type openvas Reporter This script is Copyright (C) 2004 David Maciejak Modified 2019-07-05T00:00:00
Description
The remote host seems to be running PhpGroupWare, a multi-user groupware
suite written in PHP. The check below reports installations whose detected version is older than 0.9.14.006.
###############################################################################
# OpenVAS Vulnerability Test
#
# PhpGroupWare unspecified remote file include vulnerability
#
# Authors:
# David Maciejak <david dot maciejak at kyxar dot fr>
# based on work from (C) Tenable Network Security
#
# Copyright:
# Copyright (C) 2004 David Maciejak
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License version 2,
# as published by the Free Software Foundation
#
# This program is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with this program; if not, write to the Free Software
# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.
###############################################################################
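# CPE used further down to look up the port and version of the application.
# Presumably registered by phpgroupware_detect.nasl (listed as a dependency
# below); confirm against that script.
CPE = "cpe:/a:phpgroupware:phpgroupware";

# Metadata pass: the scanner runs this branch to read the plugin's identity,
# references and scheduling requirements, then the script exits.
if(description)
{
  script_oid("1.3.6.1.4.1.25623.1.0.14294");
  script_version("2019-07-05T10:41:31+0000");
  script_tag(name:"last_modification", value:"2019-07-05 10:41:31 +0000 (Fri, 05 Jul 2019)");
  script_tag(name:"creation_date", value:"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)");

  # NOTE(review): the references below do not all appear to describe the same
  # flaw. NVD describes CVE-2003-0504 as cross-site scripting in the
  # addressbook module, and the CVSS vector (C:N/I:P/A:N) fits that issue,
  # while this plugin's title, insight text and 0.9.14.006 fix version describe
  # a file include that leads to PHP code execution. When triaging a hit,
  # treat the 4.3 score as a lower bound and confirm the identifiers before
  # relying on them for prioritisation.
  script_cve_id("CVE-2003-0504");
  script_bugtraq_id(8265);
  script_tag(name:"cvss_base", value:"4.3");
  script_tag(name:"cvss_base_vector", value:"AV:N/AC:M/Au:N/C:N/I:P/A:N");
  script_xref(name:"OSVDB", value:"2243");

  script_name("PhpGroupWare unspecified remote file include vulnerability");
  script_category(ACT_GATHER_INFO);
  script_copyright("This script is Copyright (C) 2004 David Maciejak");
  script_family("Web application abuses");

  # Only scheduled when the detection script has run and recorded an
  # installation on a web port.
  script_dependencies("phpgroupware_detect.nasl");
  script_require_ports("Services/www", 80);
  script_mandatory_keys("phpGroupWare/installed");

  script_tag(name:"solution", value:"Update to version 0.9.14.006 or newer");
  # Fixed the broken sentence ("PhpGroupWare, is a ...") that was shown
  # verbatim in scan reports.
  script_tag(name:"summary", value:"The remote host seems to be running PhpGroupWare, a multi-user groupware
  suite written in PHP.");
  script_tag(name:"insight", value:"This version is prone to a vulnerability that may permit remote attackers,
  without prior authentication, to include and execute malicious PHP scripts.
  Remote users may influence URI variables to include a malicious PHP script
  on a remote system, it is possible to cause arbitrary PHP code to be executed.");

  script_tag(name:"solution_type", value:"VendorFix");
  # The verdict rests only on the version string obtained during detection;
  # the flaw itself is never exercised. An installation patched without a
  # version change will still be flagged, and one that hides or alters its
  # version can be missed.
  script_tag(name:"qod_type", value:"remote_banner");

  exit(0);
}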
include("version_func.inc");
include("host_details.inc");
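# Look up the port and version stored for this CPE. Without either value no
# verdict is possible, so leave silently instead of reporting "not affected".
if( ! port = get_app_port( cpe:CPE ) )
  exit( 0 );

if( ! vers = get_app_version( cpe:CPE, port:port ) )
  exit( 0 );

# Compare against the fixed release with the shared helper from
# version_func.inc instead of a hand-written pattern. The earlier regex
# required a dotted patch level after "0.9.14", so a detected version of plain
# "0.9.14" fell through to exit( 99 ) and was treated as not affected.
if( version_is_less( version:vers, test_version:"0.9.14.006" ) ) {
  report = report_fixed_ver( installed_version:vers, fixed_version:"0.9.14.006" );
  security_message( port:port, data:report );
  exit( 0 );
}

# A version was detected and it is not older than the fixed release.
exit( 99 );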
{"id": "OPENVAS:136141256231014294", "type": "openvas", "bulletinFamily": "scanner", "title": "PhpGroupWare unspecified remote file include vulnerability", "description": "The remote host seems to be running PhpGroupWare, is a multi-user groupware\n suite written in PHP.", "published": "2005-11-03T00:00:00", "modified": "2019-07-05T00:00:00", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "href": "http://plugins.openvas.org/nasl.php?oid=136141256231014294", "reporter": "This script is Copyright (C) 2004 David Maciejak", "references": ["2243"], "cvelist": ["CVE-2003-0504"], "lastseen": "2019-07-17T13:56:45", "viewCount": 0, "enchantments": {"dependencies": {"references": [{"type": "cve", "idList": ["CVE-2016-2243", "CVE-2019-2243", "CVE-2013-2243", "CVE-2020-2243", "CVE-2007-2243", "CVE-2018-2243", "CVE-2009-2243", "CVE-2015-2243", "CVE-2004-2243", "CVE-2010-2243", "CVE-2008-2243", "CVE-2012-2243", "CVE-2017-2243", "CVE-2005-2243", "CVE-2011-2243", "CVE-2003-0504", "CVE-2002-2243", "CVE-2014-2243", "CVE-2006-2243"]}, {"type": "osvdb", "idList": ["OSVDB:2243"]}, {"type": "openvas", "idList": ["OPENVAS:136141256231014292", "OPENVAS:53695"]}, {"type": "nessus", "idList": ["DEBIAN_DSA-365.NASL", "PHPGROUPWARE_HTML_INJECTION.NASL", "MANDRAKE_MDKSA-2003-077.NASL"]}, {"type": "debian", "idList": ["DEBIAN:DSA-365-1:0EC81"]}, {"type": "xssed", "idList": ["XSSED:2243"]}, {"type": "zdt", "idList": ["1337DAY-ID-2243"]}, {"type": "exploitdb", "idList": ["EDB-ID:2243"]}, {"type": "securityvulns", "idList": ["SECURITYVULNS:VULN:2243", "SECURITYVULNS:DOC:2243"]}, {"type": "seebug", "idList": ["SSV:2243"]}, {"type": "redhat", "idList": ["RHSA-2018:2243"]}, {"type": "ubuntu", "idList": ["USN-2243-1"]}, {"type": "msupdate", "idList": ["MS:BD81CDFA-2243-4100-8FF9-7D946694911D"]}], "modified": "2019-07-17T13:56:45", "rev": 2}, "score": {"value": 7.1, "vector": "NONE", "modified": "2019-07-17T13:56:45", "rev": 2}, "vulnersScore": 7.1}, "pluginID": "136141256231014294", 
"sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# PhpGroupWare unspecified remote file include vulnerability\n#\n# Authors:\n# David Maciejak <david dot maciejak at kyxar dot fr>\n# based on work from (C) Tenable Network Security\n#\n# Copyright:\n# Copyright (C) 2004 David Maciejak\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:phpgroupware:phpgroupware\";\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.14294\");\n script_version(\"2019-07-05T10:41:31+0000\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 10:41:31 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)\");\n script_cve_id(\"CVE-2003-0504\");\n script_bugtraq_id(8265);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_xref(name:\"OSVDB\", value:\"2243\");\n script_name(\"PhpGroupWare unspecified remote file include vulnerability\");\n script_category(ACT_GATHER_INFO);\n script_copyright(\"This script is Copyright (C) 2004 David Maciejak\");\n script_family(\"Web application abuses\");\n script_dependencies(\"phpgroupware_detect.nasl\");\n 
script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"phpGroupWare/installed\");\n\n\n script_tag(name:\"solution\", value:\"Update to version 0.9.14.006 or newer\");\n script_tag(name:\"summary\", value:\"The remote host seems to be running PhpGroupWare, is a multi-user groupware\n suite written in PHP.\");\n script_tag(name:\"insight\", value:\"This version is prone to a vulnerability that may permit remote attackers,\n without prior authentication, to include and execute malicious PHP scripts.\n Remote users may influence URI variables to include a malicious PHP script\n on a remote system, it is possible to cause arbitrary PHP code to be executed.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( ! port = get_app_port( cpe:CPE ) ) exit( 0 );\nif( ! vers = get_app_version( cpe:CPE, port:port ) ) exit( 0 );\n\nif( ereg( pattern:\"^0\\.([0-8]\\.|9\\.([0-9]\\.|1[0-3]\\.|14\\.0*[0-5]([^0-9]|$)))\", string:vers ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"0.9.14.006\" );\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "naslFamily": "Web application abuses"}
{"cve": [{"lastseen": "2021-02-02T05:22:09", "description": "Multiple cross-site scripting (XSS) vulnerabilities in Phpgroupware 0.9.14.003 (aka webdistro) allow remote attackers to insert arbitrary HTML or web script, as demonstrated with a request to index.php in the addressbook module.", "edition": 4, "cvss3": {}, "published": "2003-08-07T04:00:00", "title": "CVE-2003-0504", "type": "cve", "cwe": ["NVD-CWE-Other"], "bulletinFamily": "NVD", "cvss2": {"severity": "MEDIUM", "exploitabilityScore": 8.6, "obtainAllPrivilege": false, "userInteractionRequired": false, "obtainOtherPrivilege": false, "cvssV2": {"accessComplexity": "MEDIUM", "confidentialityImpact": "NONE", "availabilityImpact": "NONE", "integrityImpact": "PARTIAL", "baseScore": 4.3, "vectorString": "AV:N/AC:M/Au:N/C:N/I:P/A:N", "version": "2.0", "accessVector": "NETWORK", "authentication": "NONE"}, "impactScore": 2.9, "obtainUserPrivilege": false}, "cvelist": ["CVE-2003-0504"], "modified": "2016-10-18T02:34:00", "cpe": ["cpe:/a:phpgroupware:phpgroupware:0.9.14.003"], "id": "CVE-2003-0504", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2003-0504", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}, "cpe23": ["cpe:2.3:a:phpgroupware:phpgroupware:0.9.14.003:*:*:*:*:*:*:*"]}], "osvdb": [{"lastseen": "2017-04-28T13:19:57", "bulletinFamily": "software", "cvelist": ["CVE-2003-0504"], "edition": 1, "description": "## Vulnerability Description\nphpGroupWare contains a flaw that allows a remote cross site scripting attack. \nThis flaw exists because the application does not validate various Addressbook \nvariables upon submission to the index.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.\n## Solution Description\nUpgrade to version 0.9.14.005 or higher, as it has been reported to fix this \nvulnerability. 
An upgrade is required as there are no known workarounds.\n## Short Description\nphpGroupWare contains a flaw that allows a remote cross site scripting attack. \nThis flaw exists because the application does not validate various Addressbook \nvariables upon submission to the index.php script. This could allow a user to create a specially crafted URL that would execute arbitrary code in a user's browser within the trust relationship between the browser and the server, leading to a loss of integrity.\n## Manual Testing Notes\nhttp://[victim]/addressbook/index.php?\n\nYou can add a contact and put <script>alert();</script> in the name or\nsurname. If you put something in the contact label the script is\nexecuted at this level.\n## References:\nVendor URL: http://www.phpgroupware.org/\n[Vendor Specific Advisory URL](https://savannah.gnu.org/bugs/?func=detailitem&item_id=8094)\nOther Advisory URL: http://www.debian.org/security/2003/dsa-365\nOther Advisory URL: http://distro.conectiva.com/atualizacoes/?id=a&anuncio=000697\nOther Advisory URL: http://www.mandrakesecure.net/en/advisories/advisory.php?name=MDKSA-2003:077\nOther Advisory URL: http://archives.neohapsis.com/archives/fulldisclosure/2003-q3/0032.html\nISS X-Force ID: 12497\n[CVE-2003-0504](https://vulners.com/cve/CVE-2003-0504)\nBugtraq ID: 8088\n", "modified": "2003-07-02T11:37:37", "published": "2003-07-02T11:37:37", "href": "https://vulners.com/osvdb/OSVDB:2243", "id": "OSVDB:2243", "type": "osvdb", "title": "phpGroupWare index.php Addressbook XSS", "cvss": {"score": 4.3, "vector": "AV:NETWORK/AC:MEDIUM/Au:NONE/C:NONE/I:PARTIAL/A:NONE/"}}], "openvas": [{"lastseen": "2019-07-17T13:56:43", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0504"], "description": "The remote host seems to be running PhpGroupWare, is a multi-user groupware\n suite written in PHP.", "modified": "2019-07-05T00:00:00", "published": "2005-11-03T00:00:00", "id": "OPENVAS:136141256231014292", "href": 
"http://plugins.openvas.org/nasl.php?oid=136141256231014292", "type": "openvas", "title": "PhpGroupWare multiple HTML injection vulnerabilities", "sourceData": "###############################################################################\n# OpenVAS Vulnerability Test\n#\n# PhpGroupWare multiple HTML injection vulnerabilities\n#\n# Authors:\n# David Maciejak <david dot maciejak at kyxar dot fr>\n# based on work from (C) Tenable Network Security\n#\n# Copyright:\n# Copyright (C) 2004 David Maciejak\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n###############################################################################\n\nCPE = \"cpe:/a:phpgroupware:phpgroupware\";\n\n# Ref: Fran\u00e7ois SORIN <francois.sorin@security-corporation.com>\n\nif(description)\n{\n script_oid(\"1.3.6.1.4.1.25623.1.0.14292\");\n script_version(\"2019-07-05T10:41:31+0000\");\n script_tag(name:\"last_modification\", value:\"2019-07-05 10:41:31 +0000 (Fri, 05 Jul 2019)\");\n script_tag(name:\"creation_date\", value:\"2005-11-03 14:08:04 +0100 (Thu, 03 Nov 2005)\");\n script_bugtraq_id(8088);\n script_tag(name:\"cvss_base\", value:\"4.3\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_cve_id(\"CVE-2003-0504\");\n script_xref(name:\"OSVDB\", value:\"2243\");\n script_name(\"PhpGroupWare multiple HTML injection vulnerabilities\");\n 
script_category(ACT_GATHER_INFO);\n script_copyright(\"This script is Copyright (C) 2004 David Maciejak\");\n script_family(\"Web application abuses\");\n script_dependencies(\"phpgroupware_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n script_mandatory_keys(\"phpGroupWare/installed\");\n\n\n script_tag(name:\"solution\", value:\"Update to version 0.9.14.005 or newer\");\n script_tag(name:\"summary\", value:\"The remote host seems to be running PhpGroupWare, is a multi-user groupware\n suite written in PHP.\");\n script_tag(name:\"impact\", value:\"A malicious attacker may inject arbitrary HTML and script code using these\n form fields that may be incorporated into dynamically generated web content.\");\n script_tag(name:\"insight\", value:\"This version has been reported prone to multiple HTML injection vulnerabilities.\n The issues present themselves due to a lack of sufficient input validation\n performed on form fields used by PHPGroupWare modules.\");\n\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n script_tag(name:\"qod_type\", value:\"remote_banner\");\n\n exit(0);\n}\n\ninclude(\"version_func.inc\");\ninclude(\"host_details.inc\");\n\nif( ! port = get_app_port( cpe:CPE ) ) exit( 0 );\nif( ! 
vers = get_app_version( cpe:CPE, port:port ) ) exit( 0 );\n\nif( ereg( pattern:\"^0\\.([0-8]\\.|9\\.([0-9]\\.|1[0-3]\\.|14\\.0*[0-3]([^0-9]|$)))\", string:vers ) ) {\n report = report_fixed_ver( installed_version:vers, fixed_version:\"0.9.14.005\" );\n security_message( port:port, data:report );\n exit( 0 );\n}\n\nexit( 99 );\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2017-07-24T12:49:54", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0657", "CVE-2003-0504", "CVE-2003-0599"], "description": "The remote host is missing an update to phpgroupware\nannounced via advisory DSA 365-1.", "modified": "2017-07-07T00:00:00", "published": "2008-01-17T00:00:00", "id": "OPENVAS:53695", "href": "http://plugins.openvas.org/nasl.php?oid=53695", "type": "openvas", "title": "Debian Security Advisory DSA 365-1 (phpgroupware)", "sourceData": "# OpenVAS Vulnerability Test\n# $Id: deb_365_1.nasl 6616 2017-07-07 12:10:49Z cfischer $\n# Description: Auto-generated from advisory DSA 365-1\n#\n# Authors:\n# Thomas Reinke <reinke@securityspace.com>\n#\n# Copyright:\n# Copyright (c) 2007 E-Soft Inc. http://www.securityspace.com\n# Text descriptions are largerly excerpted from the referenced\n# advisory, and are Copyright (c) the respective author(s)\n#\n# This program is free software; you can redistribute it and/or modify\n# it under the terms of the GNU General Public License version 2,\n# as published by the Free Software Foundation\n#\n# This program is distributed in the hope that it will be useful,\n# but WITHOUT ANY WARRANTY; without even the implied warranty of\n# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. 
See the\n# GNU General Public License for more details.\n#\n# You should have received a copy of the GNU General Public License\n# along with this program; if not, write to the Free Software\n# Foundation, Inc., 51 Franklin St, Fifth Floor, Boston, MA 02110-1301 USA.\n#\n\ninclude(\"revisions-lib.inc\");\ntag_insight = \"Several vulnerabilities have been discovered in phpgroupware:\n\n- - CVE-2003-0504: Multiple cross-site scripting (XSS) vulnerabilities\nin Phpgroupware 0.9.14.003 (aka webdistro) allow remote attackers to\ninsert arbitrary HTML or web script, as demonstrated with a request\nto index.php in the addressbook module.\n\n- - CVE-2003-0599: Unknown vulnerability in the Virtual File System\n(VFS) capability for phpGroupWare 0.9.16preRC and versions before\n0.9.14.004 with unknown implications, related to the VFS path being\nunder the web document root.\n\n- - CVE-2003-0657: Multiple SQL injection vulnerabilities in the infolog\nmodule of phpgroupware could allow remote attackers to execute\narbitrary SQL statements.\n\nFor the stable distribution (woody), these problems have been fixed in\nversion 0.9.14-0.RC3.2.woody2.\n\nFor the unstable distribution (sid), these problems will be fixed\nsoon. 
Refer to Debian bug #201980.\n\nWe recommend that you update your phpgroupware package.\";\ntag_summary = \"The remote host is missing an update to phpgroupware\nannounced via advisory DSA 365-1.\";\n\ntag_solution = \"https://secure1.securityspace.com/smysecure/catid.html?in=DSA%20365-1\";\n\nif(description)\n{\n script_id(53695);\n script_version(\"$Revision: 6616 $\");\n script_tag(name:\"last_modification\", value:\"$Date: 2017-07-07 14:10:49 +0200 (Fri, 07 Jul 2017) $\");\n script_tag(name:\"creation_date\", value:\"2008-01-17 22:36:24 +0100 (Thu, 17 Jan 2008)\");\n script_cve_id(\"CVE-2003-0504\", \"CVE-2003-0599\", \"CVE-2003-0657\");\n script_tag(name:\"cvss_base\", value:\"10.0\");\n script_tag(name:\"cvss_base_vector\", value:\"AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_name(\"Debian Security Advisory DSA 365-1 (phpgroupware)\");\n\n\n\n script_category(ACT_GATHER_INFO);\n\n script_copyright(\"Copyright (c) 2005 E-Soft Inc. http://www.securityspace.com\");\n script_family(\"Debian Local Security Checks\");\n script_dependencies(\"gather-package-list.nasl\");\n script_mandatory_keys(\"ssh/login/debian_linux\", \"ssh/login/packages\");\n script_tag(name : \"solution\" , value : tag_solution);\n script_tag(name : \"insight\" , value : tag_insight);\n script_tag(name : \"summary\" , value : tag_summary);\n script_tag(name:\"qod_type\", value:\"package\");\n script_tag(name:\"solution_type\", value:\"VendorFix\");\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"pkg-lib-deb.inc\");\n\nres = \"\";\nreport = \"\";\nif ((res = isdpkgvuln(pkg:\"phpgroupware-addressbook\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-admin\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-api-doc\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = 
isdpkgvuln(pkg:\"phpgroupware-api\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-bookkeeping\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-bookmarks\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-brewer\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-calendar\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-chat\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-chora\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-comic\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-core-doc\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-core\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-developer-tools\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-dj\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-eldaptir\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-email\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-filemanager\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = 
isdpkgvuln(pkg:\"phpgroupware-forum\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-ftp\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-headlines\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-hr\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-img\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-infolog\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-inv\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-manual\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-messenger\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-napster\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-news-admin\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-nntp\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-notes\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-phonelog\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-phpsysinfo\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = 
isdpkgvuln(pkg:\"phpgroupware-phpwebhosting\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-polls\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-preferences\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-projects\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-registration\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-setup\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-skel\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-soap\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-stocks\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-todo\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-tts\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-wap\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-weather\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware-xmlrpc\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\nif ((res = isdpkgvuln(pkg:\"phpgroupware\", ver:\"0.9.14-0.RC3.2.woody2\", rls:\"DEB3.0\")) != NULL) {\n report += res;\n}\n\nif (report != \"\") {\n 
security_message(data:report);\n} else if (__pkg_match) {\n exit(99); # Not vulnerable.\n}\n", "cvss": {"score": 10.0, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:COMPLETE/I:COMPLETE/A:COMPLETE/"}}], "nessus": [{"lastseen": "2021-01-07T11:51:19", "description": "Several vulnerabilities were discovered in all versions of\nphpgroupware prior to 0.9.14.006. This latest version fixes an\nexploitable condition in all versions that can be exploited remotely\nwithout authentication and can lead to arbitrary code execution on the\nweb server. This vulnerability is being actively exploited.\n\nVersion 0.9.14.005 fixed several other vulnerabilities including\ncross-site scripting issues that can be exploited to obtain sensitive\ninformation such as authentication cookies.\n\nThis update provides the latest stable version of phpgroupware and all\nusers are encouraged to update immediately. In addition, you should\nalso secure your installation by including the following in your\nApache configuration files :\n\n<Directory /var/www/html/phpgroupware> <Files ~ '.inc.php$'> Order\nallow,deny Deny from all </Files> </Directory>", "edition": 26, "published": "2004-07-31T00:00:00", "title": "Mandrake Linux Security Advisory : phpgroupware (MDKSA-2003:077)", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0504"], "modified": "2004-07-31T00:00:00", "cpe": ["cpe:/o:mandrakesoft:mandrake_linux:9.1", "cpe:/o:mandrakesoft:mandrake_linux:8.2", "cpe:/o:mandrakesoft:mandrake_linux:9.0", "p-cpe:/a:mandriva:linux:phpgroupware"], "id": "MANDRAKE_MDKSA-2003-077.NASL", "href": "https://www.tenable.com/plugins/nessus/14060", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Mandrake Linux Security Advisory MDKSA-2003:077. 
\n# The text itself is copyright (C) Mandriva S.A.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(14060);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/06\");\n\n script_cve_id(\"CVE-2003-0504\");\n script_xref(name:\"MDKSA\", value:\"2003:077\");\n\n script_name(english:\"Mandrake Linux Security Advisory : phpgroupware (MDKSA-2003:077)\");\n script_summary(english:\"Checks rpm output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Mandrake Linux host is missing a security update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities were discovered in all versions of\nphpgroupware prior to 0.9.14.006. This latest version fixes an\nexploitable condition in all versions that can be exploited remotely\nwithout authentication and can lead to arbitrary code execution on the\nweb server. This vulnerability is being actively exploited.\n\nVersion 0.9.14.005 fixed several other vulnerabilities including\ncross-site scripting issues that can be exploited to obtain sensitive\ninformation such as authentication cookies.\n\nThis update provides the latest stable version of phpgroupware and all\nusers are encouraged to update immediately. 
In addition, you should\nalso secure your installation by including the following in your\nApache configuration files :\n\n<Directory /var/www/html/phpgroupware> <Files ~ '.inc.php$'> Order\nallow,deny Deny from all </Files> </Directory>\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.security-corporation.com/\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\"Update the affected phpgroupware package.\"\n );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:mandriva:linux:phpgroupware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:8.2\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.0\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:mandrakesoft:mandrake_linux:9.1\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/07/23\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/07/31\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Mandriva Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/cpu\", \"Host/Mandrake/release\", \"Host/Mandrake/rpm-list\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"global_settings.inc\");\ninclude(\"rpm.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Mandrake/release\")) audit(AUDIT_OS_NOT, \"Mandriva / Mandake Linux\");\nif (!get_kb_item(\"Host/Mandrake/rpm-list\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\ncpu = get_kb_item(\"Host/cpu\");\nif (isnull(cpu)) audit(AUDIT_UNKNOWN_ARCH);\nif 
(cpu !~ \"^(amd64|i[3-6]86|x86_64)$\") audit(AUDIT_LOCAL_CHECKS_NOT_IMPLEMENTED, \"Mandriva / Mandrake Linux\", cpu);\n\n\nflag = 0;\nif (rpm_check(release:\"MDK8.2\", reference:\"phpgroupware-0.9.14.006-0.1mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK9.0\", reference:\"phpgroupware-0.9.14.006-0.1mdk\", yank:\"mdk\")) flag++;\n\nif (rpm_check(release:\"MDK9.1\", reference:\"phpgroupware-0.9.14.006-0.1mdk\", yank:\"mdk\")) flag++;\n\n\nif (flag)\n{\n if (report_verbosity > 0) security_warning(port:0, extra:rpm_report_get());\n else security_warning(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-20T13:26:24", "description": "The remote host seems to be running PhpGroupWare, a multi-user \ngroupware suite written in PHP.\n\nThis version is reportedly prone to multiple HTML injection \nvulnerabilities. The issues present themselves due to a lack of \nsufficient input validation performed on form fields used by \nPHPGroupWare modules. 
\n\nA malicious attacker may inject arbitrary HTML and script code using \nthese form fields that may be incorporated into dynamically-generated \nweb content.", "edition": 20, "published": "2004-08-17T00:00:00", "title": "phpGroupWare index.php Addressbook XSS", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0504"], "modified": "2004-08-17T00:00:00", "cpe": ["cpe:/a:phpgroupware:phpgroupware"], "id": "PHPGROUPWARE_HTML_INJECTION.NASL", "href": "https://www.tenable.com/plugins/nessus/14292", "sourceData": "#%NASL_MIN_LEVEL 70300\n#\n# (C) Tenable Network Security, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(14292);\n script_version(\"1.23\");\n\n script_cve_id(\"CVE-2003-0504\");\n script_bugtraq_id(8088);\n\n script_name(english:\"phpGroupWare index.php Addressbook XSS\");\n\n script_set_attribute(attribute:\"synopsis\", value:\n\"A remote web application is vulnerable to multiple cross-site scripting \nattacks.\" );\n script_set_attribute(attribute:\"description\", value:\n\"The remote host seems to be running PhpGroupWare, a multi-user \ngroupware suite written in PHP.\n\nThis version is reportedly prone to multiple HTML injection \nvulnerabilities. The issues present themselves due to a lack of \nsufficient input validation performed on form fields used by \nPHPGroupWare modules. 
\n\nA malicious attacker may inject arbitrary HTML and script code using \nthese form fields that may be incorporated into dynamically-generated \nweb content.\" );\n script_set_attribute(attribute:\"solution\", value:\n\"Update to version 0.9.14.005 or newer.\" );\n script_set_cvss_base_vector(\"CVSS2#AV:N/AC:M/Au:N/C:N/I:P/A:N\");\n script_set_cvss_temporal_vector(\"CVSS2#E:H/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No exploit is required\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n script_set_attribute(attribute:\"see_also\", value:\"https://www.phpgroupware.org/\" );\n\n script_set_attribute(attribute:\"plugin_publication_date\", value: \"2004/08/17\");\n script_set_attribute(attribute:\"vuln_publication_date\", value: \"2003/07/02\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/19\");\n script_set_attribute(attribute:\"plugin_type\", value:\"remote\");\n script_set_attribute(attribute:\"cpe\",value:\"cpe:/a:phpgroupware:phpgroupware\");\n script_end_attributes();\n\n \n script_summary(english:\"Checks for PhpGroupWare version\");\n \n script_category(ACT_ATTACK);\n \n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"CGI abuses\");\n script_dependencie(\"phpgroupware_detect.nasl\");\n script_require_ports(\"Services/www\", 80);\n exit(0);\n}\n\n#\n# The script code starts here\n#\n\ninclude(\"http_func.inc\");\n\nport = get_http_port(default:80, embedded:TRUE);\n\nkb = get_kb_item(\"www/\" + port + \"/phpGroupWare\");\nif ( ! 
kb ) exit(0);\n\nmatches = eregmatch(pattern:\"(.*) under (.*)\", string:kb);\nif ( ereg(pattern:\"^0\\.([0-8]\\.|9\\.([0-9]\\.|1[0-3]\\.|14\\.0*[0-3]([^0-9]|$)))\", string:matches[1]))\n \t\t\tsecurity_warning(port);\n", "cvss": {"score": 4.3, "vector": "AV:N/AC:M/Au:N/C:N/I:P/A:N"}}, {"lastseen": "2021-01-06T09:49:44", "description": "Several vulnerabilities have been discovered in phpgroupware :\n\n - CAN-2003-0504: Multiple cross-site scripting (XSS)\n vulnerabilities in Phpgroupware 0.9.14.003 (aka\n webdistro) allow remote attackers to insert arbitrary\n HTML or web script, as demonstrated with a request to\n index.php in the addressbook module.\n - CAN-2003-0599: Unknown vulnerability in the Virtual File\n System (VFS) capability for phpGroupWare 0.9.16preRC and\n versions before 0.9.14.004 with unknown implications,\n related to the VFS path being under the web document\n root.\n\n - CAN-2003-0657: Multiple SQL injection vulnerabilities in\n the infolog module of phpgroupware could allow remote\n attackers to execute arbitrary SQL statements.", "edition": 25, "published": "2004-09-29T00:00:00", "title": "Debian DSA-365-1 : phpgroupware - several vulnerabilities", "type": "nessus", "bulletinFamily": "scanner", "cvelist": ["CVE-2003-0657", "CVE-2003-0504", "CVE-2003-0599"], "modified": "2004-09-29T00:00:00", "cpe": ["p-cpe:/a:debian:debian_linux:phpgroupware", "cpe:/o:debian:debian_linux:3.0"], "id": "DEBIAN_DSA-365.NASL", "href": "https://www.tenable.com/plugins/nessus/15202", "sourceData": "#%NASL_MIN_LEVEL 70300\n\n#\n# (C) Tenable Network Security, Inc.\n#\n# The descriptive text and package checks in this plugin were \n# extracted from Debian Security Advisory DSA-365. 
The text \n# itself is copyright (C) Software in the Public Interest, Inc.\n#\n\ninclude('deprecated_nasl_level.inc');\ninclude('compat.inc');\n\nif (description)\n{\n script_id(15202);\n script_version(\"1.23\");\n script_set_attribute(attribute:\"plugin_modification_date\", value:\"2021/01/04\");\n\n script_cve_id(\"CVE-2003-0504\", \"CVE-2003-0599\", \"CVE-2003-0657\");\n script_bugtraq_id(8088);\n script_xref(name:\"DSA\", value:\"365\");\n\n script_name(english:\"Debian DSA-365-1 : phpgroupware - several vulnerabilities\");\n script_summary(english:\"Checks dpkg output for the updated package\");\n\n script_set_attribute(\n attribute:\"synopsis\", \n value:\"The remote Debian host is missing a security-related update.\"\n );\n script_set_attribute(\n attribute:\"description\", \n value:\n\"Several vulnerabilities have been discovered in phpgroupware :\n\n - CAN-2003-0504: Multiple cross-site scripting (XSS)\n vulnerabilities in Phpgroupware 0.9.14.003 (aka\n webdistro) allow remote attackers to insert arbitrary\n HTML or web script, as demonstrated with a request to\n index.php in the addressbook module.\n - CAN-2003-0599: Unknown vulnerability in the Virtual File\n System (VFS) capability for phpGroupWare 0.9.16preRC and\n versions before 0.9.14.004 with unknown implications,\n related to the VFS path being under the web document\n root.\n\n - CAN-2003-0657: Multiple SQL injection vulnerabilities in\n the infolog module of phpgroupware could allow remote\n attackers to execute arbitrary SQL statements.\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"https://bugs.debian.org/201980\"\n );\n script_set_attribute(\n attribute:\"see_also\",\n value:\"http://www.debian.org/security/2003/dsa-365\"\n );\n script_set_attribute(\n attribute:\"solution\", \n value:\n\"For the stable distribution (woody), these problems have been fixed in\nversion 0.9.14-0.RC3.2.woody2.\n\n\nWe recommend that you update your phpgroupware package.\"\n );\n 
script_set_cvss_base_vector(\"CVSS2#AV:N/AC:L/Au:N/C:C/I:C/A:C\");\n script_set_cvss_temporal_vector(\"CVSS2#E:U/RL:OF/RC:C\");\n script_set_attribute(attribute:\"exploitability_ease\", value:\"No known exploits are available\");\n script_set_attribute(attribute:\"exploit_available\", value:\"false\");\n\n script_set_attribute(attribute:\"plugin_type\", value:\"local\");\n script_set_attribute(attribute:\"cpe\", value:\"p-cpe:/a:debian:debian_linux:phpgroupware\");\n script_set_attribute(attribute:\"cpe\", value:\"cpe:/o:debian:debian_linux:3.0\");\n\n script_set_attribute(attribute:\"patch_publication_date\", value:\"2003/08/05\");\n script_set_attribute(attribute:\"plugin_publication_date\", value:\"2004/09/29\");\n script_set_attribute(attribute:\"vuln_publication_date\", value:\"2003/07/02\");\n script_end_attributes();\n\n script_category(ACT_GATHER_INFO);\n script_copyright(english:\"This script is Copyright (C) 2004-2021 Tenable Network Security, Inc.\");\n script_family(english:\"Debian Local Security Checks\");\n\n script_dependencies(\"ssh_get_info.nasl\");\n script_require_keys(\"Host/local_checks_enabled\", \"Host/Debian/release\", \"Host/Debian/dpkg-l\");\n\n exit(0);\n}\n\n\ninclude(\"audit.inc\");\ninclude(\"debian_package.inc\");\n\n\nif (!get_kb_item(\"Host/local_checks_enabled\")) audit(AUDIT_LOCAL_CHECKS_NOT_ENABLED);\nif (!get_kb_item(\"Host/Debian/release\")) audit(AUDIT_OS_NOT, \"Debian\");\nif (!get_kb_item(\"Host/Debian/dpkg-l\")) audit(AUDIT_PACKAGE_LIST_MISSING);\n\n\nflag = 0;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-addressbook\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-admin\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-api\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", 
prefix:\"phpgroupware-api-doc\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-bookkeeping\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-bookmarks\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-brewer\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-calendar\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-chat\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-chora\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-comic\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-core\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-core-doc\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-developer-tools\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-dj\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-eldaptir\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-email\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-filemanager\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-forum\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-ftp\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-headlines\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", 
prefix:\"phpgroupware-hr\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-img\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-infolog\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-inv\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-manual\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-messenger\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-napster\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-news-admin\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-nntp\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-notes\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-phonelog\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-phpsysinfo\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-phpwebhosting\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-polls\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-preferences\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-projects\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-registration\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-setup\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", 
prefix:\"phpgroupware-skel\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-soap\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-stocks\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-todo\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-tts\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-wap\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-weather\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\nif (deb_check(release:\"3.0\", prefix:\"phpgroupware-xmlrpc\", reference:\"0.9.14-0.RC3.2.woody2\")) flag++;\n\nif (flag)\n{\n if (report_verbosity > 0) security_hole(port:0, extra:deb_report_get());\n else security_hole(0);\n exit(0);\n}\nelse audit(AUDIT_HOST_NOT, \"affected\");\n", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}], "debian": [{"lastseen": "2020-11-11T13:11:53", "bulletinFamily": "unix", "cvelist": ["CVE-2003-0657", "CVE-2003-0504", "CVE-2003-0599"], "description": "- --------------------------------------------------------------------------\nDebian Security Advisory DSA 365-1 security@debian.org\nhttp://www.debian.org/security/ Matt Zimmerman\nAugust 5th, 2003 http://www.debian.org/security/faq\n- --------------------------------------------------------------------------\n\nPackage : phpgroupware\nVulnerability : several\nProblem-Type : remote\nDebian-specific: no\nCVE Ids : CAN-2003-0504, CAN-2003-0599, CAN-2003-0657\n\nSeveral vulnerabilities have been discovered in phpgroupware:\n\n- - CAN-2003-0504: Multiple cross-site scripting (XSS) vulnerabilities\n in Phpgroupware 0.9.14.003 (aka webdistro) allow remote attackers to\n insert arbitrary HTML or web script, as demonstrated with a request\n to index.php in the 
addressbook module.\n\n- - CAN-2003-0599: Unknown vulnerability in the Virtual File System\n (VFS) capability for phpGroupWare 0.9.16preRC and versions before\n 0.9.14.004 with unknown implications, related to the VFS path being\n under the web document root.\n\n- - CAN-2003-0657: Multiple SQL injection vulnerabilities in the infolog\n module of phpgroupware could allow remote attackers to execute\n arbitrary SQL statements.\n\nFor the stable distribution (woody), these problems have been fixed in\nversion 0.9.14-0.RC3.2.woody2.\n\nFor the unstable distribution (sid), these problems will be fixed\nsoon. Refer to Debian bug #201980.\n\nWe recommend that you update your phpgroupware package.\n\nUpgrade Instructions\n- --------------------\n\nwget url\n will fetch the file for you\ndpkg -i file.deb\n will install the referenced file.\n\nIf you are using the apt-get package manager, use the line for\nsources.list as given below:\n\napt-get update\n will update the internal database\napt-get upgrade\n will install corrected packages\n\nYou may use an automated update by adding the resources from the\nfooter to the proper configuration.\n\nDebian GNU/Linux 3.0 alias woody\n- --------------------------------\n\n Source archives:\n\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware_0.9.14-0.RC3.2.woody2.dsc\n Size/MD5 checksum: 1648 93a22cf33766d0da16e471ce32c7f213\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware_0.9.14-0.RC3.2.woody2.diff.gz\n Size/MD5 checksum: 450742 fb1dc330a0811f186c1e03bc91c20ce7\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware_0.9.14.orig.tar.gz\n Size/MD5 checksum: 8356188 22e715d0884d09aa848d694701a85b6b\n\n Architecture independent components:\n\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-addressbook_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 78752 d825eaa68b15d1c7d7f67c9365ac7c48\n 
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-admin_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 142068 c7a17b0e79a8b4d5a4792df7f5f11241\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-api-doc_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 283128 3b037f7a52c34a89ff70734746983fee\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-api_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 2112084 ac91891afd802b09fdc00be19cbd6088\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-bookkeeping_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 40128 e118ec41df6369ce6315584d11c2d37b\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-bookmarks_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 121132 ef1b1ab9cb60201e8c3735a913967242\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-brewer_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 63446 c17d2fe4803b325f83c4ffbcdf2d291d\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-calendar_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 223392 f20a9d4ea0f0b25312139a981d745d75\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-chat_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 18964 1c2a1ee3ff2a21148e791b0cd19ca8a3\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-chora_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 59788 ab5a2baa28d1ab14f7129ce656649b44\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-comic_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 326248 7c4e63e419dd152886a92c5c09d5b3ab\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-core-doc_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 89112 a0e6a3c0c7ecf74cc244924d2ecf4f55\n 
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-core_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 18902 35099021465ab7ebb2b7ee760e6b70f4\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-developer-tools_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 40780 151e36e027b09e2ae2978a8fc8ebb628\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-dj_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 45410 48471bd170e7b5ee355925264b77eb4f\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-eldaptir_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 47028 a27eb8411e2d41e8f18d6a9af0a864de\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-email_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 313264 626a400affcfcd69e4ee9450d09f2a0c\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-filemanager_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 37432 fef58c4c16d52f85c9992d1c97d2df7d\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-forum_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 47750 0b387b72c9e3d8515ca1dd628e9deff3\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-ftp_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 39450 eb0b97624c8cd153273f4b49560eb17b\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-headlines_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 59416 9d524b292991a8f7340300572f1a5efc\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-hr_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 23774 9bf313b7b7e411ccbfecbcb5a6befed7\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-img_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 38654 af5425ba4df22d7bd089bc5e19721a7b\n 
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-infolog_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 92774 dec62996133857d906fe5c7b7f7bb026\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-inv_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 89368 d680c096b16299f7f37b9b87adb21bb8\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-manual_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 92564 5ea8b1fd199767f7c37f1dc28c13962f\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-messenger_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 29702 e30218b43262f531bbdd76123af55e24\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-napster_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 26126 b3777f397897fc821dc4031075afc5ff\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-news-admin_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 31534 2cbeb9e702f9082beae4e70069cfd541\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-nntp_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 44502 5ee3c873c1497dbf6443611b8d7c195a\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-notes_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 27194 38155a1f43abdaee60edb232c938e781\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-phonelog_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 21706 aaabc4a558f38ef95219ba2cbdca72b9\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-phpsysinfo_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 34984 a6a24cf61f28f903b26f21d5579e62b5\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-phpwebhosting_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 61690 2789e986ec5553158bcfa061f439a016\n 
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-polls_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 29644 8915e9e52820c03d53c3abcd90fdd8e1\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-preferences_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 45586 170eaa764caed9fd4df57fbef1f08a8c\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-projects_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 86298 000b2cb49d1befdd8c5d224a2e6a80d0\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-registration_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 35896 b2f0aad62202ed20be87f58e2f308483\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-setup_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 272394 9b4cbea2aa72d25aa39f66283d9cca9a\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-skel_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 30894 2ed102a96f56e4ad712c457eba20cc3f\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-soap_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 22530 18261fb8b7e3edb8954db7fe2f9188a5\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-stocks_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 26644 c253f429544d85128f18c5b5f78683d7\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-todo_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 43124 1d526e61157760f0363f230fede803ee\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-tts_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 46140 9f7147cb2da079c4e15343ae7044c9f2\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-wap_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 27570 3f10b7ce2ea59162bbe48de3a6ba5a14\n 
http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-weather_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 498274 9cdf6321099ce4870fe2f70ae722986a\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware-xmlrpc_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 74426 50076afe3bd152ae3c8282f2f795b6ae\n http://security.debian.org/pool/updates/main/p/phpgroupware/phpgroupware_0.9.14-0.RC3.2.woody2_all.deb\n Size/MD5 checksum: 25652 5dc38752cd0a47e16a213de78524e1de\n\n These files will probably be moved into the stable distribution on\n its next revision.\n\n- ---------------------------------------------------------------------------------\nFor apt-get: deb http://security.debian.org/ stable/updates main\nFor dpkg-ftp: ftp://security.debian.org/debian-security dists/stable/updates/main\nMailing list: debian-security-announce@lists.debian.org\nPackage info: `apt-cache show <pkg>' and http://packages.debian.org/<pkg>\n", "edition": 3, "modified": "2003-08-05T00:00:00", "published": "2003-08-05T00:00:00", "id": "DEBIAN:DSA-365-1:0EC81", "href": "https://lists.debian.org/debian-security-announce/debian-security-announce-2003/msg00164.html", "title": "[SECURITY] [DSA-365-1] New phpgroupware package fix several vulnerabilities", "type": "debian", "cvss": {"score": 10.0, "vector": "AV:N/AC:L/Au:N/C:C/I:C/A:C"}}]}