oss-sec mailing list archives
YingZhi Lua Programming Language for iOS ftp .. bug & httpd arbitrary upload
From: "Larry W. Cashdollar" <larry0 () me com>
Date: Fri, 30 Aug 2013 13:16:47 +0000 (GMT)
Hi, During further investigation of the Python programming language by XiaoWen for ipad/iphone I discovered a new Lua / Perl / Ruby programming application in the apple application store all written by XiaoWen Huang that suffers from the http file upload vulnerabilities. It appears the ../ has been fixed for these other applications. Download Locations: https://itunes.apple.com/us/app/perl-programming-language/id578116006?mt=8&ls=1 https://itunes.apple.com/us/app/ruby-programming-language/id581732143?mt=8&ls=1 https://itunes.apple.com/us/app/lua-programming-language/id505972017?mt=8&ls=1 -- Larry
Current thread:
- YingZhi Python Programming Language for iOS ftp .. bug & httpd arbitrary upload Larry W. Cashdollar (Aug 29)
- Re: YingZhi Python Programming Language for iOS ftp .. bug & httpd arbitrary upload cve-assign (Aug 29)
- Re: YingZhi Python Programming Language for iOS ftp .. bug & httpd arbitrary upload Larry W. Cashdollar (Aug 30)
- Re: YingZhi Python Programming Language for iOS ftp .. bug & httpd arbitrary upload Larry W. Cashdollar (Aug 30)
- YingZhi Lua Programming Language for iOS ftp .. bug & httpd arbitrary upload Larry W. Cashdollar (Aug 30)
- Re: YingZhi Python Programming Language for iOS ftp .. bug & httpd arbitrary upload Larry W. Cashdollar (Aug 30)
- Re: YingZhi Python Programming Language for iOS ftp .. bug & httpd arbitrary upload cve-assign (Aug 29)