Date: Sat, 23 May 2015 19:40:12 +0000 From: Jeremy Stanley <fungi@...goth.org> To: OSS Security <oss-security@...ts.openwall.com> Cc: CVE Request <cve-assign@...re.org> Subject: Re: Re: CVE Request for read-only directory traversal in Etherpad frontend tests On 2015-04-11 20:17:31 +0000 (+0000), Jeremy Stanley wrote: > A vulnerability was discovered in Etherpad (see below). In order to > ensure full traceability, we need a CVE number assigned that we can > attach to further notifications. This issue is already public. > > Title: Read-only directory traversal in Etherpad frontend tests > Reporter: Tom Hunkapiller > Versions: 1.2.0 through 1.5.3 > > Description: > Tom Hunkapiller reported a vulnerability in the frontend tests of > previous Etherpad releases, which are enabled by default. Parent > directory references were not correctly sanitized in frontend test > URLs of HTTP API calls, allowing an attacker to remotely read > arbitrary files on the server's filesystem with the privileges of > the account running the service. > > Notes: > This bug was introduced in commit ba4ebbb which was initially > included in the 1.2.0 release, and is fixed in commit 5409eb3 which > appears in the 1.5.4 release. > > References: > https://github.com/ether/etherpad-lite/commit/5409eb3 > > -- > Jeremy Stanley I can't find where MITRE ever replied on the request above. Was a CVE assigned for this and I just missed it, or is the request still pending followup? -- Jeremy Stanley
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ