privilege escalation for institution admins CVE-2009-3298

Bug #463082 reported by François Marier
Affects            Status        Importance   Assigned to        Milestone
mahara (Ubuntu)    Fix Released  Undecided    François Marier
  Jaunty           Fix Released  Undecided    Unassigned
  Karmic           Fix Released  Undecided    Unassigned
  Lucid            Fix Released  Undecided    François Marier

Bug Description

Binary package hint: mahara

Using an institutional administrator account, it is possible to reset the password of the global site administrator if the site administrator is a member of the institution.
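The flaw described above is a missing privilege-boundary check: institution-level authority is granted on membership alone, so it reaches a user who outranks the institution admin. The following model is an added illustration written for this page; it is not Mahara's code and the User record, institution names and both can_reset_password variants are constructed for the example. It replays the reporter's scenario against a membership-only check and against a check that refuses to let an institution admin act on a site administrator.

```python
"""Model of the institution-admin privilege boundary behind CVE-2009-3298.

Added illustration, not Mahara's code. The User record, the institution
name and both can_reset_password() variants are constructed for this example.
"""
from dataclasses import dataclass, field


@dataclass
class User:
    name: str
    institutions: set = field(default_factory=set)  # institutions the user belongs to
    admin_of: set = field(default_factory=set)      # institutions the user administers
    site_admin: bool = False                        # global site administrator flag


def can_reset_password_vulnerable(actor: User, target: User) -> bool:
    """Membership-only rule: an institution admin may reset the password of
    any member of an institution they administer, whoever that member is."""
    if actor.site_admin:
        return True
    return bool(actor.admin_of & target.institutions)


def can_reset_password_fixed(actor: User, target: User) -> bool:
    """Same rule, but institution-level authority never reaches a user who
    holds a privilege the actor lacks: only a site admin may reset a site
    admin's password, regardless of institution membership."""
    if actor.site_admin:
        return True
    if target.site_admin:
        return False
    return bool(actor.admin_of & target.institutions)


def escalation_possible(check) -> bool:
    """Replay the scenario from the bug report against a given check and
    report whether the institution admin can reset the site admin's password."""
    # Constructed accounts: the site admin is a member of the institution
    # that inst_admin administers, exactly the condition in the report.
    site_admin = User("admin", institutions={"example-inst"}, site_admin=True)
    inst_admin = User("inst-admin", institutions={"example-inst"}, admin_of={"example-inst"})
    member = User("student", institutions={"example-inst"})

    # Managing an ordinary member of their own institution must keep working.
    assert check(inst_admin, member)
    # Managing a member of some other institution must not.
    assert not check(inst_admin, User("outsider", institutions={"other-inst"}))
    # The escalation: can the institution admin act on the site admin?
    return check(inst_admin, site_admin)


if __name__ == "__main__":
    print("vulnerable check allows escalation:", escalation_possible(can_reset_password_vulnerable))
    print("fixed check allows escalation:     ", escalation_possible(can_reset_password_fixed))
```

The fixed variant encodes the general rule that a delegated administrator may only act on accounts whose privileges are a subset of their own; the site-admin flag is the one case this report documents, and the same comparison should be applied to any other privilege an application hands out above the institution level.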

Changed in mahara (Ubuntu):
assignee: nobody → François Marier (fmarier)
Changed in mahara (Ubuntu Jaunty):
status: New → In Progress
Changed in mahara (Ubuntu Karmic):
status: New → In Progress
Changed in mahara (Ubuntu Lucid):
status: New → Confirmed
Jamie Strandboge (jdstrand): visibility: private → public

Jamie Strandboge (jdstrand) wrote:

Thanks for the debdiffs!

The jaunty debdiff did not apply cleanly due to the previous version's pocket. Both debdiffs need to use '-security' as part of the distribution name. See https://wiki.ubuntu.com/SecurityTeam/UpdatePreparation#Packaging for details.

I have fixed these and will upload them shortly.

Changed in mahara (Ubuntu Jaunty):
status: In Progress → Fix Committed
Changed in mahara (Ubuntu Karmic):
status: In Progress → Fix Committed
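The packaging point in the comment above is that a security update for a stable Ubuntu release is targeted at the release's -security pocket in the debian/changelog header, while the development release (lucid in the janitor's changelog below) is uploaded to its plain name. The following checker is an added example, not part of Ubuntu's tooling: it parses the top changelog stanza and verifies the pocket. The jaunty stanzas and their version string are constructed for the example, and the set of stable releases is an assumption stated in the code.

```python
"""Check that the top debian/changelog stanza targets the right pocket.

Added helper, not Ubuntu tooling. The lucid stanza is the one quoted in
this bug; the jaunty stanzas and STABLE_RELEASES are constructed assumptions.
"""
import re

# debian/changelog header: "<source> (<version>) <distribution>; urgency=<level>"
CHANGELOG_HEADER = re.compile(
    r"^(?P<source>[a-z0-9][a-z0-9+.-]+) \((?P<version>[^)]+)\) "
    r"(?P<dist>\S+); urgency=(?P<urgency>\S+)$"
)

# Assumption for the example: the stable releases receiving this update.
STABLE_RELEASES = frozenset({"jaunty", "karmic"})


def parse_header(changelog: str) -> dict:
    """Return source, version, distribution and urgency of the top stanza."""
    for line in changelog.splitlines():
        if line.strip():
            m = CHANGELOG_HEADER.match(line)
            if not m:
                raise ValueError(f"not a changelog header: {line!r}")
            return m.groupdict()
    raise ValueError("empty changelog")


def security_pocket_ok(changelog: str, stable_releases=STABLE_RELEASES) -> bool:
    """A stable release must be uploaded as '<release>-security'; the
    development release is uploaded under its plain name with no pocket."""
    release, _, pocket = parse_header(changelog)["dist"].partition("-")
    if release in stable_releases:
        return pocket == "security"
    return pocket == ""


# Stanza quoted in this bug (development release at the time, no pocket).
LUCID_STANZA = (
    "mahara (1.1.5-1ubuntu1) lucid; urgency=low\n"
    "\n"
    "  * SECURITY UPDATE: privilege escalation (LP: #463082)\n"
)

# Constructed stanzas for a stable release; version string is made up.
JAUNTY_BAD = "mahara (1.0-1ubuntu0.1) jaunty; urgency=low\n"
JAUNTY_GOOD = "mahara (1.0-1ubuntu0.1) jaunty-security; urgency=low\n"


if __name__ == "__main__":
    for name, stanza in [("lucid", LUCID_STANZA), ("jaunty (plain)", JAUNTY_BAD),
                         ("jaunty-security", JAUNTY_GOOD)]:
        print(f"{name:18} ok={security_pocket_ok(stanza)}")
```

The check rejects "jaunty-proposed" as well as plain "jaunty", which is the mistake the comment describes; it does not attempt to validate the version string, since the rules for that depend on the previous upload in the pocket.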
Launchpad Janitor (janitor) wrote:

This bug was fixed in the package mahara - 1.1.5-1ubuntu1

---------------
mahara (1.1.5-1ubuntu1) lucid; urgency=low

  [ Francois Marier ]
  * SECURITY UPDATE: privilege escalation (LP: #463082)
    - debian/patches/CVE-2009-3298.dpatch: fix from upstream
    - CVE-2009-3298
  * SECURITY UPDATE: cross-site scripting vulnerability (LP: #463083)
    - debian/patches/CVE-2009-3299.dpatch: fix from upstream
    - CVE-2009-3299
  * Add dpatch support

 -- Jamie Strandboge <email address hidden> Wed, 04 Nov 2009 11:29:22 -0600

Changed in mahara (Ubuntu Lucid):
status: Confirmed → Fix Released
Changed in mahara (Ubuntu Jaunty):
status: Fix Committed → Fix Released
Changed in mahara (Ubuntu Karmic):
status: Fix Committed → Fix Released
This report contains Public Security information.