Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Sat, 23 May 2015 19:40:12 +0000
From: Jeremy Stanley <fungi@...goth.org>
To: OSS Security <oss-security@...ts.openwall.com>
Cc: CVE Request <cve-assign@...re.org>
Subject: Re: Re: CVE Request for read-only directory traversal
 in Etherpad frontend tests

On 2015-04-11 20:17:31 +0000 (+0000), Jeremy Stanley wrote:
> A vulnerability was discovered in Etherpad (see below). In order to
> ensure full traceability, we need a CVE number assigned that we can
> attach to further notifications. This issue is already public.
> 
> Title: Read-only directory traversal in Etherpad frontend tests
> Reporter: Tom Hunkapiller
> Versions: 1.2.0 through 1.5.3
> 
> Description:
> Tom Hunkapiller reported a vulnerability in the frontend tests of
> previous Etherpad releases, which are enabled by default. Parent
> directory references were not correctly sanitized in frontend test
> URLs of HTTP API calls, allowing an attacker to remotely read
> arbitrary files on the server's filesystem with the privileges of
> the account running the service.
> 
> Notes:
> This bug was introduced in commit ba4ebbb which was initially
> included in the 1.2.0 release, and is fixed in commit 5409eb3 which
> appears in the 1.5.4 release.
> 
> References:
> https://github.com/ether/etherpad-lite/commit/5409eb3
> 
> -- 
> Jeremy Stanley

I can't find where MITRE ever replied on the request above. Was a
CVE assigned for this and I just missed it, or is the request still
pending followup?
-- 
Jeremy Stanley

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ