On Thu, 13 Aug 2009 23:51:40 +0200 Moritz Muehlenhoff wrote:
> On Mon, May 18, 2009 at 12:06:58PM -0400, Michael S. Gilbert wrote:
> > Package: linux-2.6
> > Severity: important
> > Tags: security
> >
> > Hi,
> >
> > The following CVE (Common Vulnerabilities & Exposures) id was
> > published for linux-2.6.
> >
> > CVE-2007-6514[0]:
> > | Apache HTTP Server, when running on Linux with a document root on a
> > | Windows share mounted using smbfs, allows remote attackers to obtain
> > | unprocessed content such as source files for .php programs via a
> > | trailing "\" (backslash), which is not handled by the intended AddType
> > | directive.
> >
> > If you fix the vulnerability please also make sure to include the
> > CVE id in your changelog entry.
>
> Have you been able to test this against recent kernels such as 2.6.30?
Here is my assessment of this issue: the attack vector for this one is so obscure; the worst that can happen is disclosure of scripts hosted on an Apache server serving those scripts, and only if those scripts are mounted from a Windows share via smbfs. I'd almost be inclined to say no-dsa for this one (or issue a DSA that says don't host your web scripts on a Windows share when using Apache if you are concerned about the confidentiality of those scripts). It's hardly worth worrying about.

I have not done any tests to determine affected versions, but it should be fairly straightforward to do so. See [0]. Also, see the Red Hat bug on this [1]. They have a patch for RHEL 2.1, but I wasn't able to search it down.

mike

[0] http://www.securityfocus.com/archive/1/archive/1/485316/100/0/threaded
[1] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2007-6514
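The CVE text quoted above describes a request whose path carries a trailing backslash, which the AddType handler matching does not account for, so the raw script file is served. As an added example (not from this bug report, the kernel, or Apache), the following Python script shows the defender-side check an administrator hosting a document root on smbfs could run over access logs: it percent-decodes each request target, strips trailing backslashes, and flags successful (HTTP 200) requests whose normalized path ends in a script extension. The log lines, IP addresses, paths, and the `SCRIPT_EXTENSIONS` list are constructed for the example; the log format is Apache's common format, and whether a raw backslash appears literally or percent-encoded depends on the client, so both forms are handled.

```python
import re
from urllib.parse import unquote

# Constructed sample access-log lines (Apache "common" log format).
# None of these come from the bug report; they exist only to exercise the scanner.
SAMPLE_LOG = """\
192.0.2.10 - - [18/May/2009:12:06:58 -0400] "GET /index.php HTTP/1.1" 200 1532
192.0.2.11 - - [18/May/2009:12:07:01 -0400] "GET /admin/config.php%5C HTTP/1.1" 200 4021
192.0.2.12 - - [18/May/2009:12:07:05 -0400] "GET /images/logo.png HTTP/1.1" 200 9120
192.0.2.13 - - [18/May/2009:12:07:09 -0400] "GET /login.php\\ HTTP/1.1" 200 2210
192.0.2.14 - - [18/May/2009:12:07:12 -0400] "GET /login.php\\ HTTP/1.1" 404 310
"""

# Extensions that AddType would normally route to an interpreter (assumed list).
SCRIPT_EXTENSIONS = (".php", ".php3", ".phtml", ".cgi", ".pl")

# Common log format: ip ident user [timestamp] "METHOD target PROTO" status bytes
REQUEST_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[[^\]]+\] '
    r'"(?P<method>\S+) (?P<target>\S+) [^"]*" (?P<status>\d{3}) '
)


def normalize_target(target: str) -> str:
    """Return the request path as the filesystem would see it once the
    trailing backslash is ignored: query string dropped, percent-decoded,
    trailing backslashes stripped."""
    path = target.split("?", 1)[0]
    path = unquote(path)
    return path.rstrip("\\")


def is_suspicious(target: str, status: int) -> bool:
    """True when a request carried a trailing backslash, the underlying
    file is a script handled by AddType, and the server answered 200
    (i.e. it most likely served the unprocessed source)."""
    decoded = unquote(target.split("?", 1)[0])
    if not decoded.endswith("\\"):
        return False
    normalized = normalize_target(target).lower()
    return normalized.endswith(SCRIPT_EXTENSIONS) and status == 200


def scan_log(text: str) -> list:
    """Scan log text and return (ip, normalized_path, status) for each
    request that matches the trailing-backslash pattern."""
    hits = []
    for line in text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue  # malformed line, skip rather than crash
        status = int(m.group("status"))
        target = m.group("target")
        if is_suspicious(target, status):
            hits.append((m.group("ip"), normalize_target(target), status))
    return hits


if __name__ == "__main__":
    for ip, path, status in scan_log(SAMPLE_LOG):
        print(f"possible source disclosure: {ip} requested {path} (status {status})")
```

The 404 line is deliberately excluded: a backslash request that the server refused is noise, while a 200 on a script path is the case worth investigating. The same `normalize_target` check can be applied before serving a request to reject anything whose decoded path contains a backslash, which is the simplest mitigation short of the advice in the message above (do not host the document root on a Windows share).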