Your message dated Wed, 17 Nov 2010 11:34:32 +0300
with message-id <aanlktimsb3tdajvqbqjfgrasjv-n4n6hqsxfrj1cq...@mail.gmail.com>
and subject line Re: [Pkg-erlang-devel] Bug#603748: Bug#603748: CVE-2010-4181
has caused the Debian Bug report #603748,
regarding CVE-2010-4181
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact ow...@bugs.debian.org
immediately.)


-- 
603748: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=603748
Debian Bug Tracking System
Contact ow...@bugs.debian.org with problems
--- Begin Message ---
Package: yaws
Severity: grave
Tags: security

The following vulnerability has been reported in YAWS:

| Directory traversal vulnerability in Yaws 1.89 allows remote attackers
| to read arbitrary files via ..\ (dot dot backslash) and other
| sequences.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4181

This seems unfixed/unnoticed upstream AFAICT. Please get in touch with
upstream.

Cheers,
        Moritz

-- System Information:
Debian Release: squeeze/sid
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32-5-686 (SMP w/1 CPU core)
Locale: LANG=C, lc_ctype=de_de.iso-8859...@euro (charmap=ISO-8859-15)
Shell: /bin/sh linked to /bin/bash

Versions of packages yaws depends on:
ii  adduser                       3.112+nmu1 add and remove users and groups
pn  erlang-abi-11.b.3             <none>     (no description available)
pn  erlang-nox                    <none>     (no description available)
ii  libc6                         2.11.2-6   Embedded GNU C Library: Shared lib
ii  libpam0g                      1.1.1-6    Pluggable Authentication Modules l
ii  openssl                       0.9.8o-2   Secure Socket Layer (SSL) binary a

yaws recommends no packages.

Versions of packages yaws suggests:
pn  erlang-dev                    <none>     (no description available)
pn  yaws-chat                     <none>     (no description available)
pn  yaws-mail                     <none>     (no description available)
pn  yaws-wiki                     <none>     (no description available)
pn  yaws-yapp                     <none>     (no description available)



--- End Message ---
--- Begin Message ---
On Wed, Nov 17, 2010 at 9:11 AM, Sergei Golovan <sgolo...@nes.ru> wrote:
> On Wed, Nov 17, 2010 at 1:06 AM, Moritz Muehlenhoff <j...@debian.org> wrote:
>>
>> The following vulnerability has been reported in YAWS:
>>
>> | Directory traversal vulnerability in Yaws 1.89 allows remote attackers
>> | to read arbitrary files via ..\ (dot dot backslash) and other
>> | sequences.
>>
>> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-4181
>
> It seems like this vulnerability is specific for MS Windows. I can't
> reproduce it on Linux where backslash isn't a directory delimiter (though
> I've tried only 1.88 yet, so maybe 1.89 is still vulnerable, I'll check it).

I've rechecked YAWS for this vulnerability and found that none of the versions
currently in Debian (and also the future 1.89) is vulnerable. The vulnerability
is not revealed if YAWS is installed on a Linux system.

So, I'm closing this bug and will notify YAWS authors shortly.

Cheers!
-- 
Sergei Golovan


--- End Message ---
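The reply above rests on a platform detail: a `..\` sequence only climbs out of the document root where backslash is a path separator. As an added example (not code from the bug report, from YAWS or from Debian), the following Python resolves the same request path under POSIX and under Windows path semantics against a constructed document root, and then shows a portable check that rejects `..` segments split on either separator, so the outcome does not depend on the host OS. The docroot paths, the request path and the function names are assumptions for illustration only.

```python
import ntpath
import posixpath
import re
from urllib.parse import unquote

# Constructed document roots for the demonstration (hypothetical paths).
POSIX_DOCROOT = "/srv/www/docroot"
WINDOWS_DOCROOT = "C:\\yaws\\docroot"

# Constructed request path using the dot-dot-backslash form named in the CVE text.
TRAVERSAL_REQUEST = "/..\\..\\..\\etc\\passwd"


def resolve(docroot, request_path, pathmod):
    """Join request_path under docroot with the given path module
    (posixpath or ntpath) and report whether the result stays inside.

    Returns (resolved_path, inside_docroot).
    """
    root = pathmod.normpath(docroot)
    rel = request_path.lstrip("/\\")
    resolved = pathmod.normpath(pathmod.join(root, rel))
    # Containment test: identical to the root, or a descendant of it.
    inside = resolved == root or resolved.startswith(root + pathmod.sep)
    return resolved, inside


# Both '/' and '\\' are treated as separators, whatever the host OS uses.
_SEGMENT_SPLIT = re.compile(r"[\\/]+")


def has_traversal(request_path):
    """Portable check: percent-decode once, split on either separator and
    reject any '..' segment. A POSIX server passes this check even though
    os.path would never interpret the backslash, so behaviour is the same
    on Linux and on Windows.
    """
    decoded = unquote(request_path)
    return any(seg == ".." for seg in _SEGMENT_SPLIT.split(decoded))


if __name__ == "__main__":
    # On POSIX the backslashes are literal filename characters: the request
    # names a nonexistent file under the docroot, so nothing is exposed.
    print(resolve(POSIX_DOCROOT, TRAVERSAL_REQUEST, posixpath))
    # With Windows semantics the '..' segments are collapsed and escape.
    print(resolve(WINDOWS_DOCROOT, TRAVERSAL_REQUEST, ntpath))
    # The portable check rejects the request regardless of platform.
    print(has_traversal(TRAVERSAL_REQUEST), has_traversal("/index.html"))
```

The `resolve` calls reproduce the observation in the thread: with `posixpath` the request resolves to a file inside the docroot (a literal name containing backslashes), while with `ntpath` the same bytes resolve to `C:\etc\passwd`. `has_traversal` is the defensive alternative: it does not ask the OS what a separator is, so a server that may be deployed on either platform gets one consistent answer.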
