| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <200508231842.j7NIgMAf024927@linus.mitre.org> Date: Tue Aug 23 19:42:31 2005 From: coley at mitre.org (Steven M. Christey) Subject: Re: Secunia Research: HAURI Anti-Virus Compressed Archive Directory Traversal >The vulnerability is caused due to unsafe extraction of compressed >archives (e.g. ACE, ARJ, CAB, LZH, RAR, TAR and ZIP) into a temporary >directory before scanning. This can be exploited to write files into >arbitrary directories when scanning a malicious archive containing >files that have "/../" or "../../" directory sequences in their >filenames. > >... > >Apply patches. > >ViRobot Linux Server 2.0: >http://www.globalhauri.com/html/download/down_unixpatch.html This vendor page is titled "ViRobot Unix/Linux Server Security Vulnerability Patch." However, it goes on to describe a buffer overflow problem: 1. Patch for Buffer Over Flow Vulnerability - Vulnerability Type : Buffer Over Flow - Introduction to Patch : Vulnerability Patch for BOF(Buffer Over Flow) via HTTP_COOKIE There is no mention of directory traversal. This inconsistency makes it unclear whether HAURI has specifically fixed the directory traversal issue, and in addition it mentions another potentially more serious issue that has likely been missed by most advisory readers. - Steve
Powered by blists - more mailing lists