GLSA-200506-21 : Trac: File upload vulnerability
Medium Nessus Plugin ID 18548
Synopsis
The remote Gentoo host is missing one or more security-related patches.
Description
The remote host is affected by the vulnerability described in GLSA-200506-21 (Trac: File upload vulnerability).
Stefan Esser of the Hardened-PHP project discovered that Trac fails to validate the 'id' parameter when uploading attachments to the wiki or the bug tracking system.
A remote attacker could exploit the vulnerability to upload arbitrary files into any directory to which the webserver has write access, possibly leading to the execution of arbitrary code.
There is no known workaround at this time.
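The root cause named above is an upload handler that trusts the request's 'id' parameter when deciding where on disk an attachment lands. As an added example (constructed for this page, not Trac's code and not part of the advisory), the Python below shows the two checks such a handler needs: an allow-list on each untrusted path component, plus a canonical-path containment check as a second, independent layer. The store layout, the realm names and every function name are assumptions made for the illustration.

```python
import re
from pathlib import Path

# Constructed example, not Trac's code. Assumed attachment store layout:
#   <base>/<realm>/<parent_id>/<filename>
# where realm is "wiki" or "ticket" and parent_id is the untrusted request 'id'.
ALLOWED_REALMS = frozenset({"wiki", "ticket"})

# Exactly one path component: starts alphanumeric, no separators, no control
# characters, no NUL, bounded length. This also rules out "." and "..".
SAFE_COMPONENT = re.compile(r"^[A-Za-z0-9][A-Za-z0-9_.-]{0,127}$")


def _safe_component(value: str, what: str) -> str:
    """Accept a single path component or raise ValueError.

    Expects the already URL-decoded value: validating before decoding would
    let an encoded '../' through.
    """
    if not isinstance(value, str) or not SAFE_COMPONENT.fullmatch(value):
        raise ValueError(f"invalid {what}: {value!r}")
    return value


def resolve_attachment_path(base: str, realm: str, parent_id: str, filename: str) -> Path:
    """Return the canonical on-disk path for an upload, or raise ValueError.

    Layer 1: allow-list every component taken from the request.
    Layer 2: canonicalise the result and confirm it is still inside the store,
             which also catches symlinked subdirectories and future layout
             changes that the regex alone would not.
    """
    if realm not in ALLOWED_REALMS:
        raise ValueError(f"unknown realm: {realm!r}")
    pid = _safe_component(parent_id, "id")
    name = _safe_component(filename, "filename")

    store = Path(base).resolve()
    target = (store / realm / pid / name).resolve()
    if store not in target.parents:
        raise ValueError("target escapes the attachment store")
    return target


def is_valid_attachment_target(base: str, realm: str, parent_id: str, filename: str) -> bool:
    """Boolean convenience wrapper for logging or testing the decision."""
    try:
        resolve_attachment_path(base, realm, parent_id, filename)
        return True
    except ValueError:
        return False


if __name__ == "__main__":
    # Constructed sample requests: a legitimate upload and a traversal attempt.
    base = "/srv/trac/attachments"
    for realm, pid, fname in [("ticket", "42", "trace.log"),
                              ("ticket", "../../htdocs", "x.txt")]:
        print(realm, pid, fname, "->", is_valid_attachment_target(base, realm, pid, fname))
```

The regex would be enough on its own for this layout, but keeping the containment check means a later refactor that builds the path differently still cannot write outside the store; a rejected request is also a cheap, high-signal event to log and alert on.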
Solution
All Trac users should upgrade to the latest available version:
# emerge --sync
# emerge --ask --oneshot --verbose '>=www-apps/trac-0.8.4'