Re: [Lxr-dev] Random file opening vulnerability in LXR
Brought to you by:
ajlittoz
Menu
▾
▴
Re: [Lxr-dev] Random file opening vulnerability in LXR
|
From: Malcolm B. <ma...@br...> - 2003-03-21 13:16:03
|
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 Hi Giacomo, Giacomo A. Catenazzi wrote: | If I understand correctly the vulnerability, it happen | only because of the expantion on $v and $a, but | the all possible values are already stored | in some configuration files, so is it simple to | chech that $v and $a are in the correct set of values, | and that to manually (e.g. a simple string substitution) | the variable expantion, instead of the normal perl | expantion. Ah, I see how that could cause it, because we go and read $root/$v/$filename. Should be an easy fix. | BTW, FYI, the vulnerability is a candidate CVE: | http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0156 Thanks - I'll keep an eye on it. | BTW I view that some big project use LXR, whould you publish a | list of such servers? If you are interested, I will try | to compile the list. YES!! I'd be very interested in such a list, both to update the (woeful) LXR homepage at http://lxr.sf.net, and to give us a good idea of who to contact when 1.0 hits the shelves (real soon now, I promise :-) If anyone feels like updating the LXR website, they'd be very welcome... Malcolm -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.6 (MingW32) Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org iEYEARECAAYFAj57CTEACgkQNFSEWhVtP3ZWqwCfahjppzw82Ru4ZhRHkjBscKxE MBIAn3/qA96UZEOMRkBLVKyQdRGBK1Pu =il9l -----END PGP SIGNATURE----- |
