[Pkg-erlang-devel] Bug#650009: Bug#650009: yaws vulnerable to directory traversal using ..\\
Sergei Golovan
sgolovan at nes.ru
Sat Nov 26 10:05:41 UTC 2011
On Sat, Nov 26, 2011 at 12:36 AM, Sergei Golovan <sgolovan at nes.ru> wrote:
> On Fri, Nov 25, 2011 at 7:04 PM, Fabian Linzberger <e at lefant.net> wrote:
>>
>> A directory traversal vulnerability in yaws has been discovered and
>> disclosed at [1].
>>
>> At least the version of yaws currently in sid (1.91) is affected. One
>> can reproduce the issue by running:
>>
>> curl 'http://localhost:8080/..\\..\\..\\..\\/etc/passwd'
>
> The bug is reproducible... So, I'll try to look into it also.
Both 1.77 (in oldstable) and 1.88 (in stable) do not recognize \\ as a
path separator, so they aren't vulnerable.
Cheers!
--
Sergei Golovan
More information about the Pkg-erlang-devel
mailing list