oss-sec mailing list archives
Possible "new" CVE for Zoo directory traversal
From: Kurt Seifried <kseifried () redhat com>
Date: Fri, 02 Jan 2015 17:06:24 -0700
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774453 Package: zoo Version: 2.10-27+b1 Tags: security Either the fix for CVE-2005-2349 (bug #309594) wasn't complete, or it bit-rotted, because Zoo is still susceptible to directory traversal: $ pwd /home/jwilk $ zoo x traversal.zoo Zoo: /tmp/moo -- extracted $ ls -l /tmp/moo -rw-r--r-- 1 jwilk users 4 Jan 5 2015 /tmp/moo The script I used to create the test case is available at: https://bitbucket.org/jwilk/path-traversal-samples -- System Information: Debian Release: 8.0 APT prefers unstable APT policy: (990, 'unstable'), (500, 'experimental') Architecture: i386 (x86_64) Foreign Architectures: amd64 Kernel: Linux 3.2.0-4-amd64 (SMP w/2 CPU cores) Locale: LANG=C, LC_CTYPE=pl_PL.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: sysvinit (via /sbin/init) Versions of packages zoo depends on: ii libc6 2.19-13 -- Jakub Wilk https://security-tracker.debian.org/tracker/CVE-2005-2349 -- Kurt Seifried -- Red Hat -- Product Security -- Cloud PGP A90B F995 7350 148F 66BF 7554 160D 4553 5E26 7993
Attachment:
signature.asc
Description: OpenPGP digital signature
Current thread:
- Possible "new" CVE for Zoo directory traversal Kurt Seifried (Jan 02)