Candidate: CVE-2010-3692
PublicDate: 2010-10-07 21:00:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-3692
 https://github.com/glpi-project/glpi/commit/5b1d4768334b4424882931ca5800258b8dc72479
Description:
 Directory traversal vulnerability in the callback function in client.php in
 phpCAS before 1.1.3, when proxy mode is enabled, allows remote attackers to
 create or overwrite arbitrary files via directory traversal sequences in a
 Proxy Granting Ticket IOU (PGTiou) parameter.
Ubuntu-Description:
Notes:
 sbeattie> fixed in php-cas 1.1.3
Bugs:
Priority: medium
Discovered-by:
Assigned-to:
CVSS:

Patches_glpi:
upstream_glpi: released (0.80)
dapper_glpi: DNE
hardy_glpi: ignored (reached end-of-life)
jaunty_glpi: ignored (reached end-of-life)
karmic_glpi: ignored (reached end-of-life)
lucid_glpi: ignored (reached end-of-life)
maverick_glpi: ignored (reached end-of-life)
natty_glpi: ignored (reached end-of-life)
oneiric_glpi: ignored (reached end-of-life)
precise_glpi: not-affected (0.80.7-1)
quantal_glpi: ignored (reached end-of-life)
raring_glpi: ignored (reached end-of-life)
saucy_glpi: ignored (reached end-of-life)
trusty_glpi: not-affected (0.80.7-1)
trusty/esm_glpi: DNE (trusty was not-affected [0.80.7-1])
utopic_glpi: ignored (reached end-of-life)
vivid_glpi: ignored (reached end-of-life)
vivid/stable-phone-overlay_glpi: DNE
vivid/ubuntu-core_glpi: DNE
wily_glpi: ignored (reached end-of-life)
xenial_glpi: not-affected (0.80.7-1)
yakkety_glpi: not-affected (0.80.7-1)
devel_glpi: DNE

Patches_moodle:
upstream_moodle: needs-triage
dapper_moodle: ignored (reached end-of-life)
hardy_moodle: ignored (reached end-of-life)
jaunty_moodle: ignored (reached end-of-life)
karmic_moodle: ignored (reached end-of-life)
lucid_moodle: ignored (reached end-of-life)
maverick_moodle: ignored (reached end-of-life)
natty_moodle: ignored (reached end-of-life)
oneiric_moodle: ignored (reached end-of-life)
precise_moodle: not-affected (1.9.9.dfsg2-5)
quantal_moodle: not-affected (1.9.9.dfsg2-5)
raring_moodle: not-affected (1.9.9.dfsg2-5)
saucy_moodle: not-affected (1.9.9.dfsg2-5)
trusty_moodle: not-affected (1.9.9.dfsg2-5)
trusty/esm_moodle: DNE (trusty was not-affected [1.9.9.dfsg2-5])
utopic_moodle: not-affected (1.9.9.dfsg2-5)
vivid_moodle: not-affected (1.9.9.dfsg2-5)
vivid/stable-phone-overlay_moodle: DNE
vivid/ubuntu-core_moodle: DNE
wily_moodle: not-affected (1.9.9.dfsg2-5)
xenial_moodle: not-affected (1.9.9.dfsg2-5)
yakkety_moodle: not-affected (1.9.9.dfsg2-5)
devel_moodle: not-affected (1.9.9.dfsg2-5)