
List:       oss-security
Subject:    [oss-security] CVE Request: Parameter Injection in jCryption 3.0
From:       David Tomaschik <david () systemoverlord ! com>
Date:       2014-06-18 13:45:37
Message-ID: CAOy4VzeHz9k8OMqNhpojZKb2_76mNw2j1P9_2qaaqJs2j5YyKg () mail ! gmail ! com


jCryption 3.0 suffers from a parameter injection vulnerability due to
passing an attacker-controlled string to PHP's proc_open function.  Though
the PHP code is not distributed as a library, it is presented as a
copy-and-paste server side implementation to match the jQuery module, and
sites that have done so, or have left the jcryption.php file on their
server, are vulnerable.  This vulnerability (at least) allows an attacker
to read arbitrary files, including the RSA private key used by jCryption.

jCryption 3.0.1 fixes the issue and is available at
http://www.jcryption.org/.  Details are in the advisory on my blog:
https://systemoverlord.com/blog/2014/06/18/parameter-injection-in-jcryption/

-- 
David Tomaschik
OpenPGP: 0x5DEA789B
http://systemoverlord.com
david@systemoverlord.com
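The pattern the advisory describes, as an added example that is not jCryption's own code: a hypothetical server-side decrypt helper that interpolates a request parameter straight into a proc_open command line, beside a hardened variant that validates the value, quotes what reaches the shell and passes the payload over stdin. The openssl command, the file names and the assumption that the ciphertext arrives hex-encoded are illustrative choices, not details from the advisory.

```php
<?php
// Added example (not jCryption's code). Names, the command line and the
// hex encoding of the payload are assumptions for illustration.

// Vulnerable pattern: the client-supplied value is interpolated into the
// command string, so proc_open hands it to /bin/sh and any shell
// metacharacters in it are interpreted by the shell, not by openssl.
function buildCommandVulnerable(string $keyFile, string $value): string
{
    return "openssl rsautl -decrypt -inkey $keyFile -in $value";
}

// Hardened pattern, step 1: accept only the encoding you expect.
// Here the payload is assumed to be an even-length hex string.
function validateCiphertext(string $value): bool
{
    return strlen($value) % 2 === 0
        && preg_match('/\A[0-9a-f]+\z/i', $value) === 1;
}

// Hardened pattern, step 2: nothing from the request appears on the
// command line; the key path is quoted and the payload goes via stdin.
function decryptHardened(string $keyFile, string $hexCiphertext): ?string
{
    if (!validateCiphertext($hexCiphertext)) {
        return null; // refuse rather than try to sanitize
    }
    $cmd  = 'openssl rsautl -decrypt -inkey ' . escapeshellarg($keyFile);
    $spec = [0 => ['pipe', 'r'], 1 => ['pipe', 'w'], 2 => ['pipe', 'w']];
    $proc = proc_open($cmd, $spec, $pipes);
    if (!is_resource($proc)) {
        return null;
    }
    fwrite($pipes[0], hex2bin($hexCiphertext)); // payload via stdin only
    fclose($pipes[0]);
    $plain = stream_get_contents($pipes[1]);
    fclose($pipes[1]);
    fclose($pipes[2]);
    return proc_close($proc) === 0 ? $plain : null;
}

// Constructed inputs: a well-formed hex value passes, one containing a
// space (or any other non-hex character) is rejected before proc_open.
var_dump(validateCiphertext('deadbeef'));   // bool(true)
var_dump(validateCiphertext('dead beef'));  // bool(false)
```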
