• News
• Infocus
• Foundations
• Microsoft
• Unix
• IDS
• Incidents
• Virus
• Pen-Test
• Firewalls
• Columnists
• Mailing Lists
• Newsletters
• Bugtraq
• Focus on IDS
• Focus on Linux
• Focus on Microsoft
• Forensics
• Pen-test
• Security Basics
• Vuln Dev
• Vulnerabilities
• Jobs
• Job Opportunities
• Resumes
• Job Seekers
• Employers
• Tools
• RSS
• News
• Vulns
• Security Research

• info
• discussion
• exploit
• solution
• references

PHPsysInfo Multiple Input Validation Vulnerabilities

Solution:

These vulnerabilities have been fixed in the 2.4.1 release of phpSysinfo. Please see the referenced advisories for further information.


eGroupWare eGroupWare 1.0 .0.007

• Debian egroupware-addressbook_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-a ddressbook_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-bookmarks_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-b ookmarks_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-calendar_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-c alendar_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-comic_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-c omic_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-core_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-c ore_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-developer-tools_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-d eveloper-tools_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-email_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-e mail_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-emailadmin_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-e mailadmin_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-etemplate_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-e template_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-felamimail_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-f elamimail_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-filemanager_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-f ilemanager_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-forum_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-f orum_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-ftp_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-f tp_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-fudforum_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-f udforum_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-headlines_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-h eadlines_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-infolog_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-i nfolog_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-jinn_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-j inn_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-ldap_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-l dap_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-manual_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-m anual_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-messenger_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-m essenger_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-news-admin_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-n ews-admin_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-phpbrain_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-p hpbrain_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-phpldapadmin_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-p hpldapadmin_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-phpsysinfo_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-p hpsysinfo_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-polls_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-p olls_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-projects_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-p rojects_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-registration_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-r egistration_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-sitemgr_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-s itemgr_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-stocks_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-s tocks_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-tts_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-t ts_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-wiki_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-w iki_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware_1 .0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-bookmarks_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-b ookmarks_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-calendar_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-c alendar_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-comic_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-c omic_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-core_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-c ore_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-developer-tools_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-d eveloper-tools_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-email_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-e mail_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-emailadmin_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-e mailadmin_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-etemplate_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-e template_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-felamimail_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-f elamimail_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-filemanager_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-f ilemanager_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-forum_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-f orum_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-ftp_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-f tp_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-fudforum_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-f udforum_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-headlines_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-h eadlines_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-infolog_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-i nfolog_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-jinn_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-j inn_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-ldap_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-l dap_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-manual_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-m anual_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-messenger_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-m essenger_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-news-admin_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-n ews-admin_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-phpbrain_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-p hpbrain_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-phpldapadmin_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-p hpldapadmin_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-phpsysinfo_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-p hpsysinfo_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-polls_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-p olls_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-projects_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-p rojects_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-registration_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-r egistration_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-sitemgr_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-s itemgr_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-stocks_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-s tocks_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-tts_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-t ts_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware-wiki_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware-w iki_1.0.0.007-2.dfsg-2sarge4_all.deb


• Debian egroupware_1.0.0.007-2.dfsg-2sarge4_all.deb
  Debian GNU/Linux 3.1 alias sarge
  http://security.debian.org/pool/updates/main/e/egroupware/egroupware_1 .0.0.007-2.dfsg-2sarge4_all.deb

phpSysInfo phpSysInfo 2.0

• phpSysinfo phpSysInfo-2.4.1.tar.gz
  http://prdownloads.sourceforge.net/phpsysinfo/phpSysInfo-2.4.1.tar.gz

phpSysInfo phpSysInfo 2.1

• phpSysinfo phpSysInfo-2.4.1.tar.gz
  http://prdownloads.sourceforge.net/phpsysinfo/phpSysInfo-2.4.1.tar.gz

phpSysInfo phpSysInfo 2.3

• phpSysinfo phpSysInfo-2.4.1.tar.gz
  http://prdownloads.sourceforge.net/phpsysinfo/phpSysInfo-2.4.1.tar.gz

phpSysInfo phpSysInfo 2.4

• phpSysinfo phpSysInfo-2.4.1.tar.gz
  http://prdownloads.sourceforge.net/phpsysinfo/phpSysInfo-2.4.1.tar.gz