oss-sec mailing list archives
Re: CVE Request for incomplete fix to CVE-2015-3297 in Etherpad Minify
From: cve-assign () mitre org
Date: Thu, 16 Apr 2015 02:55:30 -0400 (EDT)
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1
An anonymous reporter pointed out an incomplete fix to CVE-2015-3297 in the minify feature of current Etherpad releases. There is an additional location in the script where backslashes are replaced with slashes in the path parameter of HTTP API calls after path normalization is applied, allowing an attacker supplying a slightly different specially-crafted request to remotely read arbitrary files https://github.com/ether/etherpad-lite/commit/0fa7650df8f940ed6b577d79836a78eb09726c4b
Use CVE-2015-3309. - -- CVE assignment team, MITRE CVE Numbering Authority M/S M300 202 Burlington Road, Bedford, MA 01730 USA [ PGP key available through http://cve.mitre.org/cve/request_id.html ] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.14 (SunOS) iQEcBAEBAgAGBQJVL1xzAAoJEKllVAevmvmsqWEH/2N77rp93iqfKbhqgMi2Ew+U QP3tcg0pJoDbU3nJYLLhmcYtYyVa/2epCub3NXy+VuG6cRxORQiVVtlNPHOChf7Z chb5DP7CRYIAD99mCQ+QZwWCaSfqf3ZqaL9t8ZVw+YvYwPnOUKpAQsOo6MqG1SNR WOp9n3iE2kD8E7VbvKeFx8TlOEcsU1lEGxX+vHEVepJxnk3++sa6n0JFzv2vHKiU KWLPLybUETGB7mPNfKXKImvU+RfXeQ+1yl6KevtPlYMElq5Rxt+FJCBqQNDSW7VU ZWEBGB43J8T6QCNVTNFOkP6LJoXXjcOySHAk4wfWrJRm9EEVrUGk1M60PKJ4PdA= =zRWw -----END PGP SIGNATURE-----
Current thread:
- CVE Request for incomplete fix to CVE-2015-3297 in Etherpad Minify Jeremy Stanley (Apr 12)
- Re: CVE Request for incomplete fix to CVE-2015-3297 in Etherpad Minify cve-assign (Apr 15)