Updated owncloud package fixes security vulnerabilities
Publication date: 13 Aug 2015Modification date: 07 Mar 2016
Type: security
Affected Mageia releases : 4 , 5
CVE: CVE-2015-4715 , CVE-2015-4717 , CVE-2015-4718
Description
In ownCloud before 6.0.8 and 8.0.4, a bug in the SDK used to connect
ownCloud against the Dropbox server might allow the owner of "Dropbox.com"
to gain access to any files on the ownCloud server if an external Dropbox
storage was mounted (CVE-2015-4715).
In ownCloud before 6.0.8 and 8.0.4, the sanitization component for
filenames was vulnerable to DoS when parsing specially crafted file names
passed via specific endpoints. Effectively this lead to a endless loop
filling the log file until the system is not anymore responsive
(CVE-2015-4717).
In ownCloud before 6.0.8 and 8.0.4, the external SMB storage of ownCloud
was not properly neutralizing all special elements which allows an
adversary to execute arbitrary SMB commands. This was caused by improperly
sanitizing the ";" character which is interpreted as command separator by
smbclient (the used software to connect to SMB shared by ownCloud).
Effectively this allows an attacker to gain access to any file on the
system or overwrite it, finally leading to a PHP code execution in the
case of ownCloud's config file (CVE-2015-4718).
References
- https://bugs.mageia.org/show_bug.cgi?id=16491
- https://owncloud.org/security/advisory/?id=oc-sa-2015-005
- https://owncloud.org/security/advisory/?id=oc-sa-2015-007
- https://owncloud.org/security/advisory/?id=oc-sa-2015-008
- http://owncloud.org/changelog/
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4715
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4717
- https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-4718
SRPMS
4/core
- owncloud-6.0.9-1.mga4
5/core
- owncloud-8.0.5-1.2.mga5