[Koha-bugs] [Bug 7265] New: [security] Local File Inclusion Vulnerability

bugzilla-daemon at bugs.koha-community.org bugzilla-daemon at bugs.koha-community.org
Fri Nov 25 06:24:58 CET 2011


http://bugs.koha-community.org/bugzilla3/show_bug.cgi?id=7265

             Bug #: 7265
           Summary: [security] Local File Inclusion Vulnerability
    Classification: Unclassified
 Change sponsored?: ---
           Product: Koha
           Version: rel_3_6
          Platform: All
        OS/Version: All
            Status: NEW
          Severity: critical
          Priority: P5 - low
         Component: Architecture, internals, and plumbing
        AssignedTo: gmcharlt at gmail.com
        ReportedBy: semarie-koha at latrappe.fr
         QAContact: ian.walls at bywatersolutions.com


An exploit has been published against LibLime Koha <= 4.2 on
http://1337day.com/exploits/17246 .

After quick verification, koha 3.6.x is vulnerable (other version should be
too).

As the exploit is public, this bug report is too.

Thanks.

-- 
Configure bugmail: http://bugs.koha-community.org/bugzilla3/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are watching all bug changes.


More information about the Koha-bugs mailing list