CVE-2010-3691 - Improper Link Resolution Before File Access ('Link Following')

Severity

32%

Complexity

34%

Confidentiality

81%

PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is enabled, allows local users to overwrite arbitrary files via a symlink attack on an unspecified file.

PGTStorage/pgt-file.php in phpCAS before 1.1.3, when proxy mode is enabled, allows local users to overwrite arbitrary files via a symlink attack on an unspecified file.

CVSS 2.0 Base Score 3.3. CVSS Attack Vector: local. CVSS Attack Complexity: medium. CVSS Vector: (AV:L/AC:M/Au:N/C:N/I:P/A:P).

Overview

Type

Apereo phpCAS

First reported 14 years ago

2010-10-07 21:00:00

Last updated 5 years ago

2019-12-30 12:59:00

Affected Software

Apereo phpCAS 0.2

0.2

Apereo phpCAS 0.3

0.3

Apereo phpCAS 0.3.1

0.3.1

Apereo phpCAS 0.3.2

0.3.2

Apereo phpCAS 0.4

0.4

Apereo phpCAS 0.4.1

0.4.1

Apereo phpCAS 0.4.8

0.4.8

Apereo phpCAS 0.4.9

0.4.9

Apereo phpCAS 0.4.10

0.4.10

Apereo phpCAS 0.4.11

0.4.11

Apereo phpCAS 0.4.12

0.4.12

Apereo phpCAS 0.4.13

0.4.13

Apereo phpCAS 0.4.14

0.4.14

Apereo phpCAS 0.4.15

0.4.15

Apereo phpCAS 0.4.16

0.4.16

Apereo phpCAS 0.4.17

0.4.17

Apereo phpCAS 0.4.18

0.4.18

Apereo phpCAS 0.4.19

0.4.19

Apereo phpCAS 0.4.20

0.4.20

Apereo phpCAS 0.4.21

0.4.21

Apereo phpCAS 0.4.22

0.4.22

Apereo phpCAS 0.4.23

0.4.23

Apereo phpCAS 0.5.0

0.5.0

Apereo phpCAS 0.5.1

0.5.1

Apereo phpCAS 0.6.0

0.6.0

Apereo phpCAS 1.0.0

1.0.0

Apereo phpCAS 1.0.1

1.0.1

Apereo phpCAS 1.1.0

1.1.0

Apereo phpCAS 1.1.1

1.1.1

References

http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=495542#82

FEDORA-2010-16905

FEDORA-2010-16912

FEDORA-2010-15943

FEDORA-2010-15970

41878

42149

42184

43427

DSA-2172

[oss-security] 20100929 CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback

[oss-security] 20101001 Re: CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback

[oss-security] 20101001 Re: CVE request - phpCAS: prevent symlink attacks, directory traversal and XSS during a proxy callback

43585

ADV-2010-2705

ADV-2010-2909

ADV-2011-0456

https://developer.jasig.org/source/changelog/jasigsvn?cs=21538

https://forge.indepnet.net/projects/glpi/repository/revisions/12601

https://issues.jasig.org/browse/PHPCAS-80

Stay updated

ExploitPedia is constantly evolving. Sign up to receive a notification when we release additional functionality.

Get in touch

If you'd like to report a bug or have any suggestions for improvements then please do get in touch with us using this form. We will get back to you as soon as we can.