VID 21310
Severity 40
Port 80, ...
Protocol TCP
Class CGI
Detailed Description The Chora installation on the remote web server is vulnerable to a remote command execution vulnerability.
Chora is an advanced web-based viewer for browsing code repositories managed with the CVS (Concurrent Versions System) source control system. Versions of Chora prior to 1.2.2 could allow a remote attacker to execute arbitrary shell commands because of a flaw in the 'diff' handling code, where attacker-supplied input reaches an exec() call. Combined with PHP's file upload functionality, which is enabled by default, this could allow a remote attacker to upload arbitrary binaries and execute them on the remote system.

* Note: This check relies solely on the version number of the remote Horde Chora installation to assess this vulnerability, so it may be a false positive. If the version number was obtained from the file 'README' and you have already upgraded to version 1.2.2 or later (released June 12, 2004), please ignore this alert.

* References:
http://security.e-matters.de/advisories/102004.html

* Platforms Affected:
Chora prior to 1.2.2
Linux, Unix Any version
Recommendation Upgrade to the latest version (1.2.2 or later) of Chora from the Horde download site: http://www.horde.org/chora/download/
Related URL (CVE)
Related URL 10531 (SecurityFocus)
Related URL 16401 (ISS)