oss-sec mailing list archives

Re: CVE Request: patch: directory traversal via file rename

From: cve-assign () mitre org
Date: Tue, 27 Jan 2015 18:20:17 -0500 (EST)

Hi

Could you please assign a CVE for the following issue in patch? There
is a directory traversal flaw via file rename.

It was reported to the Debian BTS as #775873[1] and is different from
#775227, which was a directory traversal via symlinks and got
CVE-2015-1196.

[1] https://bugs.debian.org/775873
[2] https://savannah.gnu.org/bugs/?44059

Regards,
Salvatore


Use CVE-2015-1395.

---

CVE assignment team, MITRE CVE Numbering Authority M/S M300
202 Burlington Road, Bedford, MA 01730 USA
[ PGP key available through http://cve.mitre.org/cve/request_id.html ]

Current thread:

CVE Request: patch: directory traversal via file rename Salvatore Bonaccorso (Jan 24)
- Re: CVE Request: patch: directory traversal via file rename cve-assign (Jan 28)