Hi Cameron and Stefan,

Stefan requested that I request CVE IDs for the torrentflux issues from Mitre, which I have done; please see below for these. It would be good to pass these upstream and include them in any changelogs that fix these issues that haven't been uploaded already.
micah

> New torrentflux issue has come up, reference URL
> http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=%23400582
>
> Proposed text:
> A potential remote command execution has been found in torrentflux, a
> php-based torrent management software. Arbitrary code execution in
> metaInfo.php allows an authenticated user to execute remote shell
> commands on the server when $cfg["enable_file_priority"] is set to 'false'.

I've created 4 candidates - 3 for the Secunia advisory published in November, and one for this particular issue. See below.

======================================================
Name: CVE-2006-6328
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6328
Reference: MISC:http://www.milw0rm.com/exploits/2786
Reference: SECUNIA:22880
Reference: URL:http://secunia.com/advisories/22880
Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=%23400582

Directory traversal vulnerability in index.php for TorrentFlux 2.2 allows remote attackers to create or overwrite arbitrary files via sequences in the alias_file parameter.

======================================================
Name: CVE-2006-6329
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6329
Reference: MISC:http://www.milw0rm.com/exploits/2786
Reference: SECUNIA:22880
Reference: URL:http://secunia.com/advisories/22880
Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=%23400582

index.php for TorrentFlux 2.2 allows remote attackers to delete files by specifying the target filename in the delfile parameter.

======================================================
Name: CVE-2006-6330
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6330
Reference: MISC:http://www.milw0rm.com/exploits/2786
Reference: SECUNIA:22880
Reference: URL:http://secunia.com/advisories/22880
Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=%23400582

index.php for TorrentFlux 2.2 allows remote registered users to execute arbitrary commands via shell metacharacters in the kill parameter.

======================================================
Name: CVE-2006-6331
Status: Candidate
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2006-6331
Reference: CONFIRM:http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=%23400582
Reference: MISC:http://bugs.debian.org/cgi-bin/bugreport.cgi/11_missed_security_fixes.dpatch?bug=400582;msg=71;att=1

metaInfo.php in TorrentFlux 2.2, when $cfg["enable_file_priority"] is false, allows remote attackers to execute arbitrary commands via shell metacharacters (backticks) in the torrent parameter to details.php.
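A log check for the four parameters named in the candidates above, as an added example that is not part of the original message or of TorrentFlux: it flags requests to index.php and details.php whose decoded `alias_file`, `delfile`, `kill` or `torrent` values match the conditions the descriptions give. It assumes the parameters arrive in the query string and are written to a quoted request line in the access log; the function names and the sample lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Shell metacharacters; the backtick is the one CVE-2006-6331 names explicitly.
SHELL_META = re.compile(r"[`;|&$<>\n]")
# A ".." path component, as in the alias_file directory traversal.
TRAVERSAL = re.compile(r"(^|[\\/])\.\.([\\/]|$)")

# (script, parameter) -> (CVE id from the message, test on the decoded value)
RULES = {
    ("index.php", "alias_file"): ("CVE-2006-6328", lambda v: bool(TRAVERSAL.search(v))),
    # The description does not restrict the value, so every use is flagged for review.
    ("index.php", "delfile"): ("CVE-2006-6329", lambda v: True),
    ("index.php", "kill"): ("CVE-2006-6330", lambda v: bool(SHELL_META.search(v))),
    ("details.php", "torrent"): ("CVE-2006-6331", lambda v: bool(SHELL_META.search(v))),
}
# Assumption: the request line is logged in quotes with its query string.
REQUEST = re.compile(r'"(?:GET|POST) (\S+) HTTP/[\d.]+"')

def scan_line(line):
    """Return sorted (cve, parameter) findings for one access-log line."""
    m = REQUEST.search(line)
    if not m:
        return []
    url = urlsplit(m.group(1))
    script = url.path.rsplit("/", 1)[-1]
    findings = set()
    for param, values in parse_qs(url.query, keep_blank_values=True).items():
        rule = RULES.get((script, param))
        if rule and any(rule[1](v) for v in values):  # parse_qs already URL-decoded v
            findings.add((rule[0], param))
    return sorted(findings)

def scan(lines):
    """Return (line index, findings) for every line with at least one finding."""
    return [(i, f) for i, line in enumerate(lines) if (f := scan_line(line))]

# Constructed sample lines, not real traffic (192.0.2.0/24 is a documentation range).
SAMPLE_LOG = [
    '192.0.2.10 - - [04/Dec/2006:10:00:01 +0000] "GET /tf/details.php?torrent=a.torrent HTTP/1.1" 200 512',
    '192.0.2.11 - - [04/Dec/2006:10:00:02 +0000] "GET /tf/details.php?torrent=%60id%60 HTTP/1.1" 200 512',
    '192.0.2.11 - - [04/Dec/2006:10:00:03 +0000] "GET /tf/index.php?alias_file=..%2F..%2Ftmp%2Fx.stat HTTP/1.1" 200 90',
    '192.0.2.11 - - [04/Dec/2006:10:00:04 +0000] "GET /tf/index.php?kill=4242%3Bid HTTP/1.1" 200 90',
    '192.0.2.12 - - [04/Dec/2006:10:00:05 +0000] "GET /tf/index.php?delfile=old.torrent HTTP/1.1" 200 90',
    '192.0.2.12 - - [04/Dec/2006:10:00:06 +0000] "GET /tf/index.php?kill=4242 HTTP/1.1" 200 90',
]

if __name__ == "__main__":
    for idx, found in scan(SAMPLE_LOG):
        print(idx, found)
```

Values sent in a POST body do not appear in an access log, so this check only covers query-string requests.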