Lucene search
K
Database
Vendors
Products
Years
CVSS
Scanner
Agent Scanning
API Scanning
Manual Audit
Perimeter Scanner
Scanning
Projects
Email
Webhook
Plugins
Resources
Documents
Blog
Glossary
FAQ
Pricing
Contacts
About Us
Partners
Branding Guideline
securityvulnsSecurityvulnsSECURITYVULNS:DOC:22076
HistoryJun 25, 2009 - 12:00 a.m.

[USN-791-3] Smarty vulnerability

2009-06-2500:00:00
vulners.com
57
JSON

===========================================================
Ubuntu Security Notice USN-791-3 June 24, 2009
smarty vulnerability
CVE-2009-1669

A security issue affects the following Ubuntu releases:

Ubuntu 9.04

This advisory also applies to the corresponding versions of
Kubuntu, Edubuntu, and Xubuntu.

The problem can be corrected by upgrading your system to the
following package versions:

Ubuntu 9.04:
smarty 2.6.22-1ubuntu1.1

In general, a standard system upgrade is sufficient to effect the
necessary changes.

Details follow:

It was discovered that Smarty did not correctly filter certain math
inputs. A remote attacker using Smarty via a web service could exploit
this to execute subsets of shell commands as the web server user.

Updated packages for Ubuntu 9.04:

Source archives:

http://security.ubuntu.com/ubuntu/pool/main/s/smarty/smarty_2.6.22-1ubuntu1.1.diff.gz
  Size/MD5:     5384 cddf82ac12a8bf55573d7382cbbb3609
http://security.ubuntu.com/ubuntu/pool/main/s/smarty/smarty_2.6.22-1ubuntu1.1.dsc
  Size/MD5:     1220 b96705a4b32e7e7e0965a71986f908b8
http://security.ubuntu.com/ubuntu/pool/main/s/smarty/smarty_2.6.22.orig.tar.gz
  Size/MD5:   158529 a6e1d94453104c42374901da5139744c

Architecture independent packages:

http://security.ubuntu.com/ubuntu/pool/main/s/smarty/smarty_2.6.22-1ubuntu1.1_all.deb
  Size/MD5:   204018 7ed9dc3ba0843ff6b2acf57f94ee31c3

Related

openvas 14
nessus 7
ubuntucve 2
ubuntu 2
cve 2
fedora 3
prion 2
debian 2
osv 1
debiancve 1
securityvulns 1
gentoo 1
openvas
openvas
Fedora Core 11 FEDORA-2009-5520 (php-Smarty)
2009-06-05 00:00:00
Fedora Core 9 FEDORA-2009-5516 (php-Smarty)
2009-06-05 00:00:00
Fedora Core 11 FEDORA-2009-5520 (php-Smarty)
2009-06-05 00:00:00
nessus
nessus
Fedora 11 : php-Smarty-2.6.25-1.fc11 (2009-5520)
2009-05-28 00:00:00
Ubuntu 9.04 : smarty vulnerability (USN-791-3)
2009-06-25 00:00:00
Fedora 10 : php-Smarty-2.6.25-1.fc10 (2009-5525)
2009-05-28 00:00:00
ubuntucve
ubuntucve
CVE-2009-1669
2009-05-18 00:00:00
CVE-2010-4726
2011-02-03 00:00:00
ubuntu
ubuntu
Smarty vulnerability
2009-06-24 00:00:00
Moodle vulnerabilities
2009-06-24 00:00:00
cve
cve
CVE-2009-1669
2009-05-18 18:30:00
CVE-2010-4726
2011-02-03 17:00:00
fedora
fedora
[SECURITY] Fedora 10 Update: php-Smarty-2.6.25-1.fc10
2009-05-27 19:06:20
[SECURITY] Fedora 9 Update: php-Smarty-2.6.25-1.fc9
2009-05-27 19:07:46
[SECURITY] Fedora 11 Update: php-Smarty-2.6.25-1.fc11
2009-05-27 19:08:31
prion
prion
Information disclosure
2009-05-18 18:30:00
Design/Logic Flaw
2011-02-03 17:00:00
debian
debian
[SECURITY] [DSA 1919-1] New smarty packages fix several vulnerabilities
2009-10-25 16:24:59
[SECURITY] [DSA 1919-2] New smarty packages fix regression
2010-08-17 20:47:14
osv
osv
smarty - several vulnerabilities
2009-10-25 00:00:00
debiancve
debiancve
CVE-2010-4726
2011-02-03 17:00:00
securityvulns
securityvulns
Daily web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)
2009-06-26 00:00:00
gentoo
gentoo
Smarty: Multiple vulnerabilities
2010-06-02 00:00:00
JSON
Related for SECURITYVULNS:DOC:22076
openvas14nessus7ubuntucve2ubuntu2cve2fedora3prion2debian2osv1debiancve1securityvulns1gentoo1