eZ Publish Tipafriend Function Open Email Relay Vulnerability

Bugtraq ID:	25538
Class:	Input Validation Error
CVE:	CVE-2007-4494
Remote:	Yes
Local:	No
Published:	Sep 04 2007 12:00AM
Updated:	Sep 05 2007 10:01PM
Credit:	The vendor reported this issue.
Vulnerable:	eZ Systems eZ publish 3.9.2 eZ Systems eZ publish 3.9.1 eZ Systems eZ publish 3.9 eZ Systems eZ publish 3.8.8
Not Vulnerable:	eZ Systems eZ publish 3.9.3 eZ Systems eZ publish 3.8.9

eZ Publish Tipafriend Function Open Email Relay Vulnerability

eZ Publish is prone to an open-email-relay vulnerability because the application fails to sufficiently validate user-supplied input.

An attacker could exploit this issue by constructing a script that would send unsolicited spam to an unrestricted amount of email addresses with a forged email address.

Successfully exploiting this issue may allow the attacker to obtain sensitive information.

eZ Publish Tipafriend Function Open Email Relay Vulnerability

Attackers may exploit this issue through a browser.

eZ Publish Tipafriend Function Open Email Relay Vulnerability

Solution:
The vendor released updates to address this issue. Please see the references for more information.


eZ Systems eZ publish 3.8.8

• eZ Systems ezpublish-3.8.9-gpl.tar.gz
  http://ez.no/content/download/206242/1364183/file/ezpublish-3.8.9-gpl. tar.gz

eZ Systems eZ publish 3.9

• eZ Systems ezpublish-3.9.3-gpl.tar.bz2
  http://ez.no/content/download/206289/1364343/file/ezpublish-3.9.3-gpl. tar.bz2

eZ Systems eZ publish 3.9.1

• eZ Systems ezpublish-3.9.3-gpl.tar.bz2
  http://ez.no/content/download/206289/1364343/file/ezpublish-3.9.3-gpl. tar.bz2

eZ Systems eZ publish 3.9.2

• eZ Systems ezpublish-3.9.3-gpl.tar.bz2
  http://ez.no/content/download/206289/1364343/file/ezpublish-3.9.3-gpl. tar.bz2

eZ Publish Tipafriend Function Open Email Relay Vulnerability

References:

• eZ Publish Changelog 3.9.2 to 3.9.3 (eZ Systems)
  
• eZ Publish Web Site (eZ Systems)
  
• eZ Publish security fixes 3.9.3 and 3.8.9 (eZ Systems)