SecurityTracker.com
Keep Track of the Latest Vulnerabilities
with SecurityTracker!
    Home    |    View Topics    |    Search    |    Contact Us    |    Help    |   

SecurityTracker
Archives


Welcome to SecurityTracker!
 
Click to Sign Up
Sign Up
Sign Up for Your FREE Weekly SecurityTracker E-mail Alert Summary
Instant Alerts
Buy our Premium Vulnerability Notification Service to receive customized, instant alerts
Affiliates
Put SecurityTracker Vulnerability Alerts on Your Web Site -- It's Free!
Partners
Become a Partner and License Our Database or Notification Service
Report a Bug
Report a vulnerability that you have found to SecurityTracker
bugs
@
securitytracker.com
Sign Up!





Category:  Application (Generic)  >  Star Vendors:  Schilling, J.
Star '//' Pathname Validation Flaw Lets Remote Users Create/Ovewrite Files
SecurityTracker Alert ID:  1018646
SecurityTracker URL:  http://securitytracker.com/id?1018646
CVE Reference:  CVE-2007-4134   (Links to External Site)
Date:  Sep 4 2007
Impact:  Modification of system information, Modification of user information
Fix Available:  Yes   Exploit Included:  Yes   Vendor Confirmed:  Yes  
Version(s): prior to 1.5a84
Description:  A vulnerability was reported in Star. A remote user can create or overwrite files on the target system.

The software does not properly validate user-supplied input in filenames. A remote user can create a specially crafted archive with filenames containing double dots and double slashes to cause files on the target system to be to created or overwritten when the archive is extracted.

The vulnerability resides in the has_dotdot() function in 'extract.c'. The function fails to detect the '../' string when the string contains double slashes (e.g., 'foo//..//bar').
Impact:  A remote user can view create or overwrite files on the target system.
Solution:  The vendor has issued a fixed alpha version (1.5a84), available at:

ftp://ftp.berlios.de/pub/star/alpha/

The vendor's advisory is available at:

ftp://ftp.berlios.de/pub/star/alpha/AN-1.5a84
Vendor URL:  developer.berlios.de/projects/star (Links to External Site)
Cause:  Input validation error
Underlying OS:  Linux (Any), UNIX (Any)

Message History:   This archive entry has one or more follow-up message(s) listed below.
Sep 4 2007 (Red Hat Issues Fix) Star '//' Pathname Validation Flaw Lets Remote Users Create/Ovewrite Files   (bugzilla@redhat.com)
Red Hat has released a fix for Red Hat Enterprise Linux 3, 4, and 5.


 Source Message Contents
Date:  Tue, 4 Sep 2007 14:33:55 -0400
Subject:  Star

 
 
CVE-2007-4134
 
Fixed in 1.5a84


Go to the Top of This SecurityTracker Archive Page



Home   |    View Topics   |    Search   |    Contact Us   |    Help

Copyright 2007, SecurityGlobal.net LLC