[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Full-Disclosure] Administrivia: List Compromised due to Mailman Vulnerability

To: full-disclosure@xxxxxxxxxxxxxxxx
Subject: Re: [Full-Disclosure] Administrivia: List Compromised due to Mailman Vulnerability
From: Steve Blass <sblass@xxxxxxx>
Date: Wed, 09 Feb 2005 12:45:19 -0700

John Cartwright wrote:

...

Subscriber addresses and passwords have been compromised.

d'0h!

...

SLASH = '/'

def true_path(path):
   "Ensure that the path is safe by removing .."
   parts = [x for x in path.split(SLASH) if x not in ('.', '..')]
   return SLASH.join(parts)[1:]

That's an improvement, but better is to extract and validate the tail of the path to your repository and then anchor the root where it belongs.

Fully disclosing that FD was compromised was a stand up thing to do though. Good job!

-
Steve

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.netsys.com/full-disclosure-charter.html

References:
- [Full-Disclosure] Administrivia: List Compromised due to Mailman Vulnerability
  - From: John Cartwright

Prev by Date: [Full-Disclosure] [FLSA-2005:1943] Updated libpng resolves security vulnerabilities
Next by Date: [Full-Disclosure] Virus scanning site...
Previous by thread: Re: [Full-Disclosure] Administrivia: List Compromised due to Mailman Vulnerability
Next by thread: [Full-Disclosure] Mouseover URL spoof with IE
Index(es):
- Date
- Thread