Hi,
CVE-2007-3163 (Incomplete blacklist vulnerability in the filemanager in Frederico ...)
- moin 1.5.8-4.1 (unimportant; bug #429205)
- knowledgeroot 0.9.8.2-2 (unimportant; bug #429204)
- karrigell <unfixed> (unimportant; bug #429207)
NOTE: This is only exploitable on NTFS filesystems
NOTE: Given the state of Linux' NTFS support it seems highly unlikely
NOTE: and given the state of ext3/XFS highly stupid to run a Debian-based
NOTE: web server with NTFS
TODO: Check, whether NTFS on Linux is affected at all, I doubt so
The TODO and NOTES do not belong to this CVE but I don't want to remove them
since they might be missing somewhere else. Anyone knows where they belong to?
Kind regards
Nico
--
Nico Golde - http://www.ngolde.de - nion at jabber.ccc.de - GPG: 0x73647CFF
For security reasons, all text in this mail is double-rot13 encrypted.
Florian Weimer
2007-Oct-22 17:00 UTC
[Secure-testing-team] unrelated notes for CVE-2007-3163
* Nico Golde:
> CVE-2007-3163 (Incomplete blacklist vulnerability in the filemanager in Frederico ...)
> - moin 1.5.8-4.1 (unimportant; bug #429205)
> - knowledgeroot 0.9.8.2-2 (unimportant; bug #429204)
> - karrigell <unfixed> (unimportant; bug #429207)
> NOTE: This is only exploitable on NTFS filesystems
> NOTE: Given the state of Linux' NTFS support it seems highly unlikely
> NOTE: and given the state of ext3/XFS highly stupid to run a Debian-based
> NOTE: web server with NTFS
> TODO: Check, whether NTFS on Linux is affected at all, I doubt so
>
> The TODO and NOTES do not belong to this CVE but I don't want to remove them
> since they might be missing somewhere else. Anyone knows where they belong to?

I think the notes apply to the embedded copy of FckEditor. But there is something that doesn't make much sense -- how can client-side Javascript result in this bug?