Date: Sun, 10 Nov 2013 14:00:39 GMT
From: advisories@...fsec.com
To: bugtraq@...urityfocus.com
Subject: Vulnerability in Pydio/AjaXplorer <= 5.0.3

Vulnerability in Pydio/AjaXplorer <= 5.0.3
============
Background:
Pydio allows you to instantly turn any server into a powerful file sharing platform. It was formerly known as AjaXplorer.

============
Description of vulnerability:

There is a path traversal vulnerability in the zoho plugin that is distributed with Pydio/AjaXplorer core, versions 3.3.5 through 5.0.3.

An attacker may use this vulnerability to retrieve arbitrary information from the server, or to arbitrarily delete files that the application has access to. Exploiting this vulnerability does not require authentication.
============
Details:

/plugins/editor.zoho/agent/save_zoho.php

The zoho plugin location is not protected from direct access, and the script permits file inclusion/path traversal attacks that allow arbitrary local files to be accessed.

Files that the application has access to can also be unlinked (impact to integrity/availability).
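As an added example (not part of the advisory or of Pydio's code), a small Python check that scans web-server access logs for requests to the save_zoho.php endpoint named above whose query values contain a `..` path segment after URL decoding, including double-encoded forms. The log lines and the `id` parameter name are constructed for illustration only.

```python
import re
from urllib.parse import urlsplit, parse_qsl, unquote

# Endpoint named in the advisory, reachable without authentication in <= 5.0.3.
ZOHO_AGENT = "/plugins/editor.zoho/agent/save_zoho.php"

# Common Log Format: client ident user [timestamp] "request line" status bytes
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>\S+) (?P<target>\S+) \S+" (?P<status>\d{3})'
)

# A ".." segment delimited by "/" or "\" (or the string boundary).
TRAVERSAL = re.compile(r'(^|[\\/])\.\.([\\/]|$)')


def has_traversal(value: str) -> bool:
    """True if a '..' segment appears after up to three rounds of URL decoding
    (catches %2e%2e%2f and double-encoded %252e%252e%252f variants)."""
    cur = value
    for _ in range(3):
        if TRAVERSAL.search(cur):
            return True
        nxt = unquote(cur)
        if nxt == cur:  # nothing left to decode
            break
        cur = nxt
    return False


def flag_requests(log_lines):
    """Return (ip, timestamp, target, offending_params) for each request that
    hits the zoho agent endpoint with a traversal sequence in a query value."""
    hits = []
    for line in log_lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # skip lines that are not in Common Log Format
        target = m.group("target")
        parts = urlsplit(target)
        if unquote(parts.path) != ZOHO_AGENT:
            continue
        # parse_qsl already performs one round of decoding on values.
        bad = [k for k, v in parse_qsl(parts.query, keep_blank_values=True)
               if has_traversal(v)]
        if bad:
            hits.append((m.group("ip"), m.group("ts"), target, bad))
    return hits


# Constructed sample log; parameter name "id" and file names are hypothetical.
SAMPLE_LOG = [
    '203.0.113.5 - - [10/Nov/2013:14:00:39 +0000] "GET /index.php HTTP/1.1" 200 512',
    '203.0.113.7 - - [10/Nov/2013:14:01:02 +0000] "GET /plugins/editor.zoho/agent/save_zoho.php?id=..%2F..%2Fsecret.txt HTTP/1.1" 200 0',
    '203.0.113.9 - - [10/Nov/2013:14:01:10 +0000] "GET /plugins/editor.zoho/agent/save_zoho.php?id=doc1 HTTP/1.1" 200 0',
    '203.0.113.11 - - [10/Nov/2013:14:01:15 +0000] "GET /plugins/editor.zoho/agent/save_zoho.php?id=..%252F..%252Fsecret.txt HTTP/1.1" 200 0',
]

if __name__ == "__main__":
    for hit in flag_requests(SAMPLE_LOG):
        print(hit)
```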
============
CVE:
The Common Vulnerabilities and Exposures (CVE) project has assigned CVE-2013-6226 to this issue. This is a candidate for inclusion in the CVE list.
============
Vendor Response:
Upgrade to Pydio v5.0.4 or higher.
http://pyd.io/pydio-core-5-0-4/


============
Timeline:
============
October 10, 2013, Vulnerability identified
October 10, 2013, Vendor Notified
October 10, 2013, Vendor initial patch review
October 10, 2013, Patch released
November 10, 2013, Disclosure

============
Research:
============
Craig Arendt (Redfsec)
http://www.redfsec.com/CVE-2013-6226
