Your message dated Mon, 30 Oct 2006 20:02:59 -0800
with message-id <[EMAIL PROTECTED]>
and subject line Bug#395930: fixed in torrentflux 2.1-5
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--- Begin Message ---
Package: torrentflux
Version: 2.1-4
Severity: grave
Tags: security, confirmed, pending
Justification: user security hole


Thanks to Stefan Fritsch for bringing this to my attention.
A fix has been prepared and will be uploaded shortly.

From http://www.securityfocus.com/bid/20771 :

TorrentFlux is prone to a directory-traversal vulnerability because the
application fails to properly sanitize user-supplied input.

An attacker can exploit this vulnerability to retrieve arbitrary files from
the vulnerable system in the context of the affected application.
Information obtained may aid attackers in further attacks.

TorrentFlux version 2.1 is reported vulnerable; other versions may be
affected as well.

From bugtraq email:

Dorkfire.com Security Advisory
Discovered By: vooduhal (at) gmail (dot) com [email concealed]
Type of problem: Directory Traversal
Software: TorrentFlux 2.1
Software Description: TorrentFlux is a FREE PHP based Torrent client
that runs on a web server. Manage all of your Torrent downloads
through a convenient web interface from anywhere.

Problem description:
The dir.php script doesn't properly sanitize path passed via the "dir"
GET variable and also doesn't confirm where it's currently creating a
directory list for.

Example:
http://target/torrentfluxroot/dir.php?dir=\.\./\.\./\.\./etc/
will produce a directory list of /etc/



-- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (990, 'unstable')
Architecture: amd64 (x86_64)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.17-1-amd64-k8
Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8)

Versions of packages torrentflux depends on:
ii  bittornado                    0.3.17-1   bittorrent client with enhanced cu
ii  dbconfig-common               1.8.20     common framework for packaging dat
ii  debconf [debconf-2.0]         1.5.2      Debian configuration management sy
ii  libapache2-mod-php5           5.1.4-0.1  server-side, HTML-embedded scripti
ii  libphp-adodb                  4.72-0.1   The 'adodb' database abstraction l
ii  php5-mysql                    5.1.4-0.1  MySQL module for php5
ii  python                        2.4.3-11   An interactive high-level object-o

Versions of packages torrentflux recommends:
ii  mysql-client                  5.0.22-3   mysql database client (current ver
ii  mysql-client-5.0 [mysql-clien 5.0.22-3   mysql database client binaries


--- End Message ---
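The advisory above describes dir.php joining the "dir" GET value onto the
download root without confirming where the resulting listing is produced.
The Python below is an added example, not TorrentFlux code, showing the
containment check such a listing script needs: canonicalize the joined
path and require it to stay under the configured root. Function names and
the constructed temporary download root are assumptions. It also shows
why stripping "../" from the string is not a fix. The advisory does not say
why its payload spells the traversal with backslashes; a check on the
kernel-resolved path does not depend on how the sequence is spelled.

```python
"""Canonical-path containment check for a web directory lister.

Added example (not TorrentFlux code). Models the bug class from the
advisory: a user-supplied sub-path joined onto a download root with no
check that the result stays inside that root. Names and the temporary
download root are assumptions.
"""
import os
import tempfile


def naive_filter(requested):
    """Pattern-stripping 'fix' that is NOT sufficient: one pass deleting
    '../' is bypassed by '....//', which collapses to '../' after the pass."""
    return requested.replace("../", "")


def resolve_in_root(root, requested):
    """Return the canonical listing target, or None if the request escapes root.

    The decision is made on the resolved path (symlinks and '..' collapsed by
    the OS), so no particular spelling of the traversal sequence has to be
    recognised. An absolute 'requested' is also caught, because os.path.join
    discards root in that case and the resolved path then lies outside it.
    """
    root_real = os.path.realpath(root)
    target = os.path.realpath(os.path.join(root_real, requested))
    if target == root_real or target.startswith(root_real + os.sep):
        return target
    return None


def make_demo_root():
    """Constructed download root <tmp>/downloads with one sub-directory 'music'.
    Returns (root, music)."""
    base = tempfile.mkdtemp(prefix="tf_demo_")
    root = os.path.join(base, "downloads")
    music = os.path.join(root, "music")
    os.makedirs(music)
    return root, music


def demo():
    """Run the check against a legitimate request and three escape attempts.
    Returns a dict of check name -> True when the check behaved as intended."""
    root, music = make_demo_root()
    bypassed = naive_filter("....//....//etc")  # what a strip-'../' filter lets through
    return {
        # legitimate sub-directory resolves to the expected canonical path
        "in_root": resolve_in_root(root, "music") == os.path.realpath(music),
        # plain traversal, the bug class from the advisory
        "traversal": resolve_in_root(root, "../../../etc/") is None,
        # absolute path: os.path.join drops the root, containment check still rejects
        "absolute": resolve_in_root(root, "/etc") is None,
        # single-pass stripping turns '....//....//etc' into '../../etc'
        "naive_bypass": bypassed == "../../etc",
        # the canonical check rejects what the naive filter let through
        "bypass_rejected": resolve_in_root(root, bypassed) is None,
    }


if __name__ == "__main__":
    for name, ok in demo().items():
        print(f"{name}: {'ok' if ok else 'FAIL'}")
```

The root comparison uses root + os.sep rather than a bare prefix test so
that a sibling directory such as "downloads2" is not accepted as being
inside "downloads".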
--- Begin Message ---
Source: torrentflux
Source-Version: 2.1-5

We believe that the bug you reported is fixed in the latest version of
torrentflux, which is due to be installed in the Debian FTP archive:

torrentflux_2.1-5.diff.gz
  to pool/main/t/torrentflux/torrentflux_2.1-5.diff.gz
torrentflux_2.1-5.dsc
  to pool/main/t/torrentflux/torrentflux_2.1-5.dsc
torrentflux_2.1-5_all.deb
  to pool/main/t/torrentflux/torrentflux_2.1-5_all.deb



A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to [EMAIL PROTECTED],
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Cameron Dale <[EMAIL PROTECTED]> (supplier of updated torrentflux package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [EMAIL PROTECTED])


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Format: 1.7
Date: Sat, 28 Oct 2006 16:40:53 -0700
Source: torrentflux
Binary: torrentflux
Architecture: source all
Version: 2.1-5
Distribution: unstable
Urgency: high
Maintainer: Cameron Dale <[EMAIL PROTECTED]>
Changed-By: Cameron Dale <[EMAIL PROTECTED]>
Description: 
 torrentflux - web based, feature-rich BitTorrent download manager
Closes: 395099 395930
Changes: 
 torrentflux (2.1-5) unstable; urgency=high
 .
   * Updated 06_sanitize_html_entities to fix the security
       issue CVE-2006-5451, urgency set to high (Closes: #395099)
   * Fixed the directory traversal vulnerability (Closes: #395930)
Files: 
 bcf6b93c4437f7f4eba15e25452a6940 629 web optional torrentflux_2.1-5.dsc
 9bf55b485cd0634b6e29b87f7ecc2856 38600 web optional torrentflux_2.1-5.diff.gz
 5267b4a7f17b577157a150bf636a1eb8 430240 web optional torrentflux_2.1-5_all.deb

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.5 (GNU/Linux)

iD8DBQFFRsqg9n4qXRzy1ioRAlj1AJ4hmAuLZ0P/b2xNoKTWc04O1O2RzwCfR68v
Bi6wtsEck5ec7Lh75ISOyd8=
=oq1U
-----END PGP SIGNATURE-----


--- End Message ---
