WeBWorK Program Generation Translator.pm Macro Filename Protection Bypass

2006-12-09T22:01:05
ID OSVDB:35928
Type osvdb
Reporter OSVDB
Modified 2006-12-09T22:01:05

Description

Solution Description

Upgrade to version 2.3.1 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

References:

Vendor Specific News/Changelog Entry: http://devel.webwork.rochester.edu/twiki/bin/view/Webwork/PGLanguageRelease2pt3pt1 FrSIRT Advisory: ADV-2006-5026 CVE-2006-6629 Bugtraq ID: 21614