GLSA Advocate
Joined: 12 May 2004 Posts: 2663
|
Posted: Sat Nov 10, 2018 12:26 am Post subject: [ GLSA 201811-05 ] PHProjekt |
|
|
Gentoo Linux Security Advisory
Title: PHProjekt: Multiple vulnerabilities (GLSA 201811-05)
Severity: normal
Exploitable: remote
Date: 2018-11-10
Bug(s): #650936
ID: 201811-05
Synopsis
Multiple vulnerabilities have been found in PHProjekt due to
embedded Zend Framework, the worst of which could allow attackers to
remotely execute arbitrary commands.
Background
PHProjekt is an application suite that supports communication and
management of teams and companies.
Affected Packages
Package: www-apps/phprojekt
Vulnerable: <= 6.1.2
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in PHProjekt due to
embedded Zend Framework. Please review the GLSA identifiers referenced
below for details.
Impact
Remote attackers could execute arbitrary commands or conduct SQL
injection attacks.
Workaround
There is no known workaround at this time.
Resolution
Gentoo has discontinued support for PHProjekt and recommends that users
unmerge the package:
Code: | # emerge --unmerge "www-apps/phprojekt"
|
References
GLSA 201804-10 |
|