The Vigil@nce team watches public vulnerabilities impacting your computers, and then offers security solutions, a vigilance database and tools to fix them.

Vulnerability of LDAP Account Manager: code execution and Cross Site Scripting

Synthesis of the vulnerability 

An attacker can exploit two vulnerabilities of LDAP Account Manager.
Impacted products: Debian, Unix (platform) ~ not comprehensive.
Severity of this bulletin: 2/4.
Number of vulnerabilities in this bulletin: 2.
Creation date: 07/05/2007.
References of this threat: BID-23857, CERTA-2002-AVI-088, CVE-2006-7191, CVE-2007-1840, DSA-1287-1, VIGILANCE-VUL-6789.

Description of the vulnerability 

The LDAP Account Manager (LAM) program manages accounts stored in an LDAP directory. It has two vulnerabilities.

The lib/lamdaemon.pl daemon calls the rm command by its bare name rather than its full path, and neither resets nor checks the PATH environment variable. A local attacker who can influence the PATH the daemon sees can therefore place a malicious executable named rm earlier in the search path and have the daemon execute it. [severity:2/4; CVE-2006-7191]
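The following added example reproduces the PATH-hijack pattern described above and its fix. It is illustrative Python, not the lamdaemon.pl source (the real daemon is written in Perl); the function names, the fake `rm` script and the temporary directories are constructed for the demonstration. The unhardened variant invokes a bare "rm" and lets an attacker-influenced PATH resolve it; the hardened variant calls /bin/rm by absolute path and replaces PATH with a fixed trusted value before spawning the child.

```python
"""Added example: PATH hijacking of an unqualified `rm` call, and the fix.

Illustrative code only; not LAM's lamdaemon.pl. Assumes a POSIX system
with /bin/sh and /bin/rm present and an executable temp directory.
"""
import os
import stat
import subprocess
import tempfile


def run_rm_like_daemon(target: str, env: dict, hardened: bool) -> str:
    """Delete `target` the way a helper daemon might, returning the child's stdout.

    Unhardened: run the bare name "rm"; the PATH in `env` decides which binary runs.
    Hardened: run /bin/rm by absolute path and pin PATH to a trusted value, so
    nothing in the inherited environment can redirect the lookup.
    """
    if hardened:
        env = dict(env)
        env["PATH"] = "/usr/bin:/bin"       # fixed, trusted search path
        cmd = ["/bin/rm", "-f", "--", target]
    else:
        cmd = ["rm", "-f", "--", target]     # resolved through attacker-influenced PATH
    proc = subprocess.run(cmd, env=env, capture_output=True, text=True)
    return proc.stdout.strip()


def demo() -> dict:
    """Run both variants under a malicious PATH and report what actually happened."""
    with tempfile.TemporaryDirectory() as attacker_dir, tempfile.TemporaryDirectory() as work:
        # Constructed malicious "rm": prints a marker and deletes nothing.
        fake_rm = os.path.join(attacker_dir, "rm")
        with open(fake_rm, "w") as fh:
            fh.write('#!/bin/sh\necho "HIJACKED: $@"\n')
        os.chmod(fake_rm, stat.S_IRWXU)

        # Attacker prepends their directory to the PATH the daemon inherits.
        env = dict(os.environ)
        env["PATH"] = attacker_dir + os.pathsep + env.get("PATH", "/usr/bin:/bin")

        results = {}
        for hardened in (False, True):
            target = os.path.join(work, "victim.txt")
            with open(target, "w") as fh:
                fh.write("data\n")
            output = run_rm_like_daemon(target, env, hardened)
            results["hardened" if hardened else "unhardened"] = {
                "output": output,                      # non-empty only if the fake rm ran
                "file_still_exists": os.path.exists(target),
            }
        return results


if __name__ == "__main__":
    for variant, info in demo().items():
        print(f"{variant:10s} output={info['output']!r} file_still_exists={info['file_still_exists']}")
```

In the unhardened run the fake `rm` executes and the target file survives; in the hardened run /bin/rm executes and the file is gone. The Perl equivalent of the fix is to set `$ENV{PATH} = '/bin:/usr/bin'` and call `/bin/rm` explicitly; running the script under Perl taint mode (`-T`) additionally refuses to spawn a command while `$ENV{PATH}` is attacker-influenced.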

The lib/modules.inc file does not correctly filter the username before displaying it, so a crafted username is rendered as HTML and can lead to a Cross Site Scripting attack. [severity:2/4; CVE-2007-1840]

This cybersecurity alert impacts software or systems such as Debian, Unix (platform) ~ not comprehensive.

Our Vigil@nce team determined that the severity of this weakness is medium.

The trust level is confirmed by the editor (the software vendor), with a published document as origin.

This bulletin is about 2 vulnerabilities.

An attacker with expert ability can exploit this security weakness.

Solutions for this threat 

LDAP Account Manager: version 1.3.0.
Version 1.3.0 is fixed:
  http://lam.sourceforge.net/

Debian 3.1: new ldap-account-manager packages.
New packages are available:
Source archives:
  http://security.debian.org/pool/updates/main/l/ldap-account-manager/ldap-account-manager_0.4.9-2sarge1.dsc
    Size/MD5 checksum: 629 e35751aee6f3d2658caa7f7e605b7c69
  http://security.debian.org/pool/updates/main/l/ldap-account-manager/ldap-account-manager_0.4.9-2sarge1.diff.gz
    Size/MD5 checksum: 12059 4c853e7304c431d7da29e8988bafff7a
  http://security.debian.org/pool/updates/main/l/ldap-account-manager/ldap-account-manager_0.4.9.orig.tar.gz
    Size/MD5 checksum: 423988 6478d91210dbf13c9d49b7aa1a971be1
Architecture independent packages:
  http://security.debian.org/pool/updates/main/l/ldap-account-manager/ldap-account-manager_0.4.9-2sarge1_all.deb
    Size/MD5 checksum: 408360 47e7959aedbc6f62a3c266708d8208a8

Computer vulnerabilities tracking service 

Vigil@nce provides patches for application vulnerabilities. The technology watch team tracks security threats targeting computer systems.