CVE-2010-3692 Information
Description
Directory traversal vulnerability in the callback function in client.php in phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to create or overwrite arbitrary files via directory traversal sequences in a Proxy Granting Ticket IOU (PGTiou) parameter.
Reference
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=49554282
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050415.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-November/050428.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049600.html
http://lists.fedoraproject.org/pipermail/package-announce/2010-October/049602.html
http://secunia.com/advisories/41878
http://secunia.com/advisories/42149
http://secunia.com/advisories/42184
http://secunia.com/advisories/43427
http://www.debian.org/security/2011/dsa-2172
http://www.openwall.com/lists/oss-security/2010/09/29/6
http://www.openwall.com/lists/oss-security/2010/10/01/2
http://www.openwall.com/lists/oss-security/2010/10/01/5
http://www.securityfocus.com/bid/43585
http://www.vupen.com/english/advisories/2010/2705
http://www.vupen.com/english/advisories/2010/2909
http://www.vupen.com/english/advisories/2011/0456
https://developer.jasig.org/source/changelog/jasigsvn?cs=21538
https://forge.indepnet.net/projects/glpi/repository/revisions/12601
https://issues.jasig.org/browse/PHPCAS-80