Home page logo
/

fulldisclosure logo Full Disclosure mailing list archives

Re: Administrivia: List Compromised due to Mailman Vulnerability
From: Steve Blass <sblass () asu edu>
Date: Wed, 09 Feb 2005 12:45:19 -0700

John Cartwright wrote:

...

Subscriber addresses and passwords have been compromised.

d'0h!

...

SLASH = '/'

def true_path(path):
   "Ensure that the path is safe by removing .."
   parts = [x for x in path.split(SLASH) if x not in ('.', '..')]
   return SLASH.join(parts)[1:]

That's an improvement, but better is to extract and validate the tail of the path to your repository and then anchor the root where it belongs.

Fully disclosing that FD was compromised was a stand up thing to do though. Good job!

-
Steve

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html


  By Date           By Thread  

Current thread:
[ Nmap | Sec Tools | Mailing Lists | Site News | About/Contact | Advertising | Privacy ]