Lucene search

K
osvGoogleOSV:DSA-746-1
HistoryJul 13, 2005 - 12:00 a.m.

phpgroupware - remote command execution

2005-07-1300:00:00
Google
osv.dev
7

A vulnerability had been identified in the xmlrpc library included with
phpgroupware, a web-based application including email, calendar and
other groupware functionality. This vulnerability could lead to the
execution of arbitrary commands on the server running phpgroupware.

The security team is continuing to investigate the version of
phpgroupware included with the old stable distribution (woody). At this
time we recommend disabling phpgroupware or upgrading to the current
stable distribution (sarge).

For the current stable distribution (sarge) this problem has been fixed
in version 0.9.16.005-3.sarge0.

For the unstable distribution (sid) this problem has been fixed in
version 0.9.16.006-1.

We recommend that you upgrade your phpgroupware package.

CPENameOperatorVersion
phpgroupwareeq0.9.16.005-3