English | Deutsch | Español
 
Home ▼
Home About Us Contact Us Privacy Partner Programs Testimonials In Press Mailing Lists Abuse Developer APIs
Bookkeeping
Online ▼
Home Free Trial FAQ
Open/Create Company File Accept an Invite Order/Renew
Security
Audits ▼
Home Dedicated audits Advanced audits Standard audits Recurring audits No Risk audits Desktop audits Basic audit Security Seal FAQ Price/Feature Summary Order New Tests All Tests Confidentiality Vulnerability search Run Audit Scheduler IP Permissions Audit Configuration Editor Scan Queue Reminder Notification Schedule Seal Reports Reports Style Editor
Managed
DNS ▼
About Order FAQ Acceptable Use Policy Dynamic DNS Clients
Configure Domains Dyanmic DNS Update Password
Network
Monitor ▼
Enterprise Package Advanced Package Standard Package Free Trial FAQ Price/Feature Summary Order/Renew Examples
Configure/Status Alert Profiles
Research
Reports ▼
Home FAQ Glossary Archive
 Login/Register 
 
 Vulnerability   
Search   		     Search 324607 CVE descriptions
and 145615 test descriptions,
access 10,000+ cross references.
Tests   CVE   All  

Test ID:1.3.6.1.4.1.25623.1.1.12.2022.5348.2
Category:Ubuntu Local Security Checks
Title:Ubuntu: Security Advisory (USN-5348-2)
Summary:The remote host is missing an update for the 'smarty3' package(s) announced via the USN-5348-2 advisory.
Description:Summary:
The remote host is missing an update for the 'smarty3' package(s) announced via the USN-5348-2 advisory.

Vulnerability Insight:
USN-5348-1 fixed several vulnerabilities in Smarty. This update provides
the fixes for CVE-2021-21408, CVE-2021-26119, CVE-2021-26120 and
CVE-2021-29454 for Ubuntu 16.04 ESM.

Original advisory details:

David Gnedt and Thomas Konrad discovered that Smarty was incorrectly
sanitizing the paths present in the templates. An attacker could possibly
use this use to read arbitrary files when controlling the executed
template. (CVE-2018-13982)

It was discovered that Smarty was incorrectly sanitizing the paths
present in the templates. An attacker could possibly use this use to read
arbitrary files when controlling the executed template. (CVE-2018-16831)

It was discovered that Smarty was incorrectly validating security policy
data, allowing the execution of static classes even when not permitted by
the security settings. An attacker could possibly use this issue to
execute arbitrary code. (CVE-2021-21408)

It was discovered that Smarty was incorrectly managing access control to
template objects, which allowed users to perform a sandbox escape. An
attacker could possibly use this issue to send specially crafted input to
applications that use Smarty and execute arbitrary code. (CVE-2021-26119)

It was discovered that Smarty was not checking for special characters
when setting function names during plugin compile operations. An attacker
could possibly use this issue to send specially crafted input to
applications that use Smarty and execute arbitrary code. (CVE-2021-26120)

It was discovered that Smarty was incorrectly sanitizing characters in
math strings processed by the math function. An attacker could possibly
use this issue to send specially crafted input to applications that use
Smarty and execute arbitrary code. (CVE-2021-29454)

Affected Software/OS:
'smarty3' package(s) on Ubuntu 16.04.

Solution:
Please install the updated package(s).

CVSS Score:
7.5

CVSS Vector:
AV:N/AC:L/Au:N/C:P/I:P/A:P

Cross-Ref: Common Vulnerability Exposure (CVE) ID: CVE-2021-21408
https://github.com/smarty-php/smarty/security/advisories/GHSA-4h9c-v5vg-5m6m
Debian Security Information: DSA-5151 (Google Search)
https://www.debian.org/security/2022/dsa-5151
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/L777JIBIWJV34HS7LXPIDWASG7TT4LNI/
https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/BRAJVDRGCIY5UZ2PQHKDTT7RMKG6WJQQ/
https://security.gentoo.org/glsa/202209-09
https://github.com/smarty-php/smarty/commit/19ae410bf56007a5ef24441cdc6414619cfaf664
https://github.com/smarty-php/smarty/releases/tag/v3.1.43
https://github.com/smarty-php/smarty/releases/tag/v4.0.3
https://lists.debian.org/debian-lts-announce/2022/05/msg00005.html
Common Vulnerability Exposure (CVE) ID: CVE-2021-26119
https://security.gentoo.org/glsa/202105-06
https://github.com/smarty-php/smarty/blob/master/CHANGELOG.md
https://lists.debian.org/debian-lts-announce/2021/04/msg00004.html
https://lists.debian.org/debian-lts-announce/2021/04/msg00014.html
Common Vulnerability Exposure (CVE) ID: CVE-2021-26120
Common Vulnerability Exposure (CVE) ID: CVE-2021-29454
https://github.com/smarty-php/smarty/security/advisories/GHSA-29gp-2c3m-3j6m
https://github.com/smarty-php/smarty/commit/215d81a9fa3cd63d82fb3ab56ecaf97cf1e7db71
https://github.com/smarty-php/smarty/releases/tag/v3.1.42
https://github.com/smarty-php/smarty/releases/tag/v4.0.2
https://packagist.org/packages/smarty/smarty
https://www.smarty.net/docs/en/language.function.math.tpl
CopyrightCopyright (C) 2023 Greenbone AG

This is only one of 145615 vulnerability tests in our test suite. Find out more about running a complete security audit.

To run a free test of this vulnerability against your system, register below.



© 1998-2025 E-Soft Inc. All rights reserved.