Public bug reported:
Binary package hint: torrentflux
There are many security vulnerabilities in the torrentflux version
present in Edgy that were fixed in later versions of the Debian package.
The Edgy version is based on Debian's 2.1-1, while 2.1-7 includes all of
the fixes to these security vulnerabilities:
- fix minor XSS vulnerability in admin.php, issue CVE-2006-5227
- sanitize html entities to fix the security issue CVE-2006-5451
- fixed the directroy traversal vulnerability, issue CVE-2006-5609
- sanitize file inputs, issues CVE-2006-6328, CVE-2006-6329, CVE-2006-6330,
CVE-2006-6598
- remote command execution in metaInfo.php, issue CVE-2006-6331
- possible XSS vulnerability due to urldecode, CVE-2006-6600
- remote command execution in maketorrent.php, issue CVE-2006-6599
- more possible fixes just to be safe, issue CVE-2006-6604
All of these vulnerabilities are relatively minor, as they all require a
logged in user to exploit them.
To fix them, the changes from Debian's version 2.1-7 can be easily
ported by including the following dpatch files from the Debian package
(and removing the ubuntu created 05_sanitize_html_entities.dpatch as it
only partially solves the problem):
06_sanitize_html_entities.dpatch
09_fix_directory_traversal.dpatch
10_sanitize_file_input.dpatch
11_missed_security_fixes.dpatch
12_metaInfo_remote_command.dpatch
13_possible_xss_vulnerability.dpatch
14_maketorrent_remote_command.dpatch
15_additional_possible_fixes.dpatch
I am preparing an updated package to fix these issues, and will post it
here when it's done.
** Affects: torrentflux (Ubuntu)
Importance: Undecided
Status: New
** Visibility changed to: Public
--
Multiple security vulnerabilities in Edgy
https://bugs.launchpad.net/bugs/155491
You received this bug notification because you are a member of Ubuntu
Bugs, which is the bug contact for Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
