Date: Fri, 19 Sep 2008 09:22:28 -0400 (EDT)
From: Josh Bressers <bressers@...hat.com>
To: oss-security <oss-security@...ts.openwall.com>
Subject: viewvc security flaw?

I'm not sure about this one; I'm wondering if someone else has an opinion:
http://viewvc.tigris.org/issues/show_bug.cgi?id=354

It was submitted as a Fedora security update, which I'm letting through for
now, as better safe than sorry.

To sum it up, it looks like the mime type used to display a given file in
viewvc can be set via the URL.  Obviously this means that an attacker could
force an arbitrary mime type on any file in a viewvc repository.

It strikes me as not crossing a trust boundary though, as I suspect you'd need
something malicious in the repo in order for this to really be useful.  If the
bad guys can already add arbitrary content, you have bigger problems.

-- 
    JB
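Added example, not ViewVC's own code, to illustrate the pattern the post describes: a raw-file view that honours whatever content type the client names in the URL, beside a hardened version that derives the type from the file itself and accepts only a short allowlist of inert overrides. The query parameter name `content-type`, the function names and the sample URLs are assumptions, constructed for this example.

```python
import mimetypes
from urllib.parse import parse_qs, urlparse

# Overrides a client may legitimately ask for on a raw view ("show me this
# as plain text"). Anything a browser would render or execute (text/html,
# image/svg+xml, application/xhtml+xml, ...) is deliberately absent.
ALLOWED_OVERRIDES = frozenset({"text/plain", "application/octet-stream"})


def guess_content_type(path):
    """Derive the type from the file name; fall back to an inert default."""
    ctype, _ = mimetypes.guess_type(path)
    return ctype or "application/octet-stream"


def vulnerable_content_type(path, requested):
    """The behaviour the post describes: the URL decides the type outright."""
    return requested if requested else guess_content_type(path)


def hardened_content_type(path, requested):
    """Only honour the request when it cannot turn repo data into active content."""
    if not requested:
        return guess_content_type(path)
    # Drop parameters such as "; charset=..." and normalise case before matching.
    media_type = requested.split(";", 1)[0].strip().lower()
    if media_type in ALLOWED_OVERRIDES:
        return media_type
    return guess_content_type(path)


def response_headers(url):
    """Headers for a constructed raw-view URL like /viewvc/repo/file?content-type=..."""
    parsed = urlparse(url)
    requested = parse_qs(parsed.query).get("content-type", [None])[0]
    return {
        "Content-Type": hardened_content_type(parsed.path, requested),
        # Belt and braces: stop browsers from second-guessing the type we chose.
        "X-Content-Type-Options": "nosniff",
    }
```

Rejected overrides are silently replaced rather than turned into an error, so existing links that ask for `text/plain` keep working while a request for `text/html` on a `.txt` file is served as plain text.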
