Your message dated Fri, 11 Feb 2005 08:43:08 +0100
with message-id <[EMAIL PROTECTED]>
and subject line Bug#294688: CAN-2005-0299: Directory traversal in GForge
has caused the attached Bug report to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere. Please contact me immediately.)
Debian bug tracking system administrator
(administrator, Debian Bugs database)
--------------------------------------
Received: (at submit) by bugs.debian.org; 11 Feb 2005 05:17:22 +0000
>From [EMAIL PROTECTED] Thu Feb 10 21:17:22 2005
Return-path: <[EMAIL PROTECTED]>
Received: from luonnotar.infodrom.org [195.124.48.78]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CzTBC-0000xE-00; Thu, 10 Feb 2005 21:17:22 -0800
Received: by luonnotar.infodrom.org (Postfix, from userid 10)
id 8B3F7366B74; Fri, 11 Feb 2005 06:17:25 +0100 (CET)
Received: at Infodrom Oldenburg (/\##/\ Smail-3.2.0.102 1998-Aug-2 #2)
from infodrom.org by finlandia.Infodrom.North.DE
via smail from stdin
id <[EMAIL PROTECTED]>
for [EMAIL PROTECTED]; Fri, 11 Feb 2005 06:15:18 +0100 (CET)
Date: Fri, 11 Feb 2005 06:15:17 +0100
From: Martin Schulze <[EMAIL PROTECTED]>
To: [EMAIL PROTECTED]
Subject: CAN-2005-0299: Directory traversal in GForge
Message-ID: <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
X-Debbugs-Cc: [EMAIL PROTECTED]
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-11.0 required=4.0 tests=BAYES_00,HAS_PACKAGE,
X_DEBBUGS_CC autolearn=ham version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Package: gforge
Version: 3.1-26
Severity: grave
Tags: security sarge sid patch
The sid/sarge version seems to be vulnerable to this. Please correct it.
The correction should be in the GForge CVS, otherwise sanitising the dir
should be easy (i.e. recursively strip "../").
Candidate: CAN-2005-0299
URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0299
Reference: BUGTRAQ:20050120 STG Security Advisory: [SSA-20050120-24] GForge 3.x
directory
Reference: URL:http://marc.theaimsgroup.com/?l=bugtraq&m=110627132209963&w=2
Reference: BID:12318
Reference: URL:http://www.securityfocus.com/bid/12318
Reference: XF:gforge-dir-dirname-directory-traversal(18988)
Reference: URL:http://xforce.iss.net/xforce/xfdb/18988
Directory traversal vulnerability in GForge 3.3 and earlier allows
remote attackers to read arbitrary files via a .. (dot dot) in the (1)
dir parameter to controller.php or (2) dir_name parameter to
controlleroo.php.
Regards,
Joey
--
The good thing about standards is that there are so many to choose from.
-- Andrew S. Tanenbaum
Please always Cc to me when replying to me on the lists.
---------------------------------------
Received: (at 294688-done) by bugs.debian.org; 11 Feb 2005 07:47:28 +0000
>From [EMAIL PROTECTED] Thu Feb 10 23:47:28 2005
Return-path: <[EMAIL PROTECTED]>
Received: from luonnotar.infodrom.org [195.124.48.78]
by spohr.debian.org with esmtp (Exim 3.35 1 (Debian))
id 1CzVWR-0003XN-00; Thu, 10 Feb 2005 23:47:28 -0800
Received: by luonnotar.infodrom.org (Postfix, from userid 10)
id BF51C366B74; Fri, 11 Feb 2005 08:47:31 +0100 (CET)
Received: at Infodrom Oldenburg (/\##/\ Smail-3.2.0.102 1998-Aug-2 #2)
from infodrom.org by finlandia.Infodrom.North.DE
via smail from stdin
id <[EMAIL PROTECTED]>
for [EMAIL PROTECTED]; Fri, 11 Feb 2005 08:43:08 +0100 (CET)
Date: Fri, 11 Feb 2005 08:43:08 +0100
From: Martin Schulze <[EMAIL PROTECTED]>
To: Julien Cristau <[EMAIL PROTECTED]>
Cc: [EMAIL PROTECTED]
Subject: Re: Bug#294688: CAN-2005-0299: Directory traversal in GForge
Message-ID: <[EMAIL PROTECTED]>
References: <[EMAIL PROTECTED]> <[EMAIL PROTECTED]>
Mime-Version: 1.0
Content-Type: text/plain; charset=iso-8859-1
Content-Disposition: inline
In-Reply-To: <[EMAIL PROTECTED]>
User-Agent: Mutt/1.5.6+20040907i
Delivered-To: [EMAIL PROTECTED]
X-Spam-Checker-Version: SpamAssassin 2.60-bugs.debian.org_2005_01_02
(1.212-2003-09-23-exp) on spohr.debian.org
X-Spam-Status: No, hits=-6.0 required=4.0 tests=BAYES_00,HAS_BUG_NUMBER
autolearn=no version=2.60-bugs.debian.org_2005_01_02
X-Spam-Level:
Julien Cristau wrote:
> On 11/02/2005-06:32, Martin Schulze wrote:
>
> > Package: gforge
> > Version: 3.1-26
> > Severity: grave
> > Tags: security sarge sid patch
> >
> > The sid/sarge version seems to be vulnerable to this. Please correct it.
> > The correction should be in the GForge CVS, otherwise sanitising the dir
> > should be easy (i.e. recursively strip "../").
> >
> > Candidate: CAN-2005-0299
> > URL: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-0299
> >
> Hi Joey,
>
> isn't this bug a duplicate of Bug#291718, which was closed by the upload
> of gforge 3.1-26 ?
> Changelog says:
>
> gforge (3.1-26) unstable; urgency=high
>
> * Disabled controller.php and controlleroo.php because of security
> risks, hence the high urgency upload (closes: #291718).
>
> -- Roland Mas <[EMAIL PROTECTED]> Sun, 23 Jan 2005 12:59:25 +0100
Oops. I only checked the code, not whether the files in question
were enabled or not. If they're not used, we're done.
Regards,
Joey
--
The good thing about standards is that there are so many to choose from.
-- Andrew S. Tanenbaum
Please always Cc to me when replying to me on the lists.
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
