oss-sec mailing list archives
Re: CVE request for radicale
From: cve-assign () mitre org
Date: Wed, 6 Jan 2016 03:25:13 -0500 (EST)
https://github.com/Kozea/Radicale/pull/343
http://radicale.org/news/#2015-12-31@11:54:03
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=809920
This fixes a number of issues with dodgy path handling
Many improvements in this release are related to security
We do not see a straightforward way to determine the total number of independent vulnerabilities. For example:

   Paths like .., ../.. or // are not sanitized correctly
   The program crashes if a path doesn't start with base_prefix instead of showing an error message
   On MS Windows the filesystem backend allows access to the first level of files on a drive.
   Improve the regex used for well-known URIs
   Decouple the daemon from its parent environment
   Avoid race condition in PID file creation

are missing information about the attacker and/or the impact.

These might potentially be overlapping observations:

   Paths like .., ../.. or // are not sanitized correctly
   Improve the regex used for well-known URIs
   Prevent crafted HTTP request from calling arbitrary functions
   Improve URI sanitation and conversion to filesystem path

For now, we will start with two CVE IDs for the change information that seems somewhat more clear:

CVE-2015-8747 - The multifilesystem backend allows access to arbitrary files on all platforms.

CVE-2015-8748 - Prevent regex injection in rights management

--
CVE assignment team, MITRE CVE Numbering Authority
M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]
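The changelog items quoted in the message above concern `..`, `//`, the `base_prefix` check and the conversion of a URI to a filesystem path. The following is an added illustration, not code from Radicale or from this message, of a defensive conversion covering those cases. All function names and the `UnsafePath` exception are hypothetical, and rejecting `\` and `:` inside a component is an assumed way to stop a segment from naming a Windows drive.

```python
import os


class UnsafePath(ValueError):
    """Raised instead of crashing or serving a file outside the storage root."""


def sanitize_uri_path(path):
    """Collapse '//' and resolve '.'/'..' so the result never climbs above '/'."""
    trailing = "/" if path.endswith("/") else ""
    parts = []
    for part in path.split("/"):
        if part in ("", "."):
            continue
        if part == "..":
            if parts:
                parts.pop()  # at the top level '..' is dropped, not honoured
            continue
        parts.append(part)
    return "/" + "/".join(parts) + (trailing if parts else "")


def strip_base_prefix(path, base_prefix):
    """Return the part of path below base_prefix, or raise a clean error."""
    prefix = sanitize_uri_path(base_prefix).rstrip("/")
    path = sanitize_uri_path(path)
    if path != prefix and not path.startswith(prefix + "/"):
        raise UnsafePath("path is outside base_prefix")
    return path[len(prefix):] or "/"


def is_safe_component(name):
    """One URI segment must map to exactly one directory entry."""
    return (bool(name) and name not in (".", "..")
            and not any(c in name for c in ("/", "\\", ":", "\0")))


def to_filesystem_path(root, uri_path):
    """Map a URI path onto root, refusing anything that escapes it."""
    root = os.path.realpath(root)
    target = root
    for part in sanitize_uri_path(uri_path).strip("/").split("/"):
        if not part:
            continue
        if not is_safe_component(part):
            raise UnsafePath("unsafe path component: %r" % part)
        target = os.path.join(target, part)
    # realpath() also catches a symlink inside root that points elsewhere
    if os.path.commonpath([root, os.path.realpath(target)]) != root:
        raise UnsafePath("resolved path leaves the storage root")
    return target
```
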
Current thread:
- CVE request for radicale Yves-Alexis Perez (Jan 05)
- Re: CVE request for radicale cve-assign (Jan 06)
- <Possible follow-ups>
- Re: CVE request for radicale Guillaume Ayoub (Jan 06)
- Re: CVE request for radicale cve-assign (Jan 07)