FreeBSD VuXML: Documenting security issues in FreeBSD and the FreeBSD Ports Collection

CVE-2010-2253

This CVE name corresponds to:

Entered: 2010-08-31
Topic: p5-libwww -- possibility to remote servers to create file with a .(dot) character

The following information is adapted from the Common Vulnerabilities and Exposures (CVE) project. CVE and the CVE logo are trademarks of The MITRE Corporation. CVE content is Copyright 2005, The MITRE Corporation.

Details

Type: Candidate
Name: CVE-2010-2253
Phase: Assigned (20100609)

Description

lwp-download in libwww-perl before 5.835 does not reject downloads to filenames that begin with a . (dot) character, which allows remote servers to create or overwrite files via (1) a 3xx redirect to a URL with a crafted filename or (2) a Content-Disposition header that suggests a crafted filename, and possibly execute arbitrary code as a consequence of writing to a dotfile in a home directory.

References

Source: Reference
MLIST: [oss-security] 20100517 [oCERT-2010-001] multiple http client unexpected download filename vulnerability
MLIST: [oss-security] 20100609 Re: [oCERT-2010-001] multiple http client unexpected download filename vulnerability
MISC: http://www.ocert.org/advisories/ocert-2010-001.html
CONFIRM: http://cpansearch.perl.org/src/GAAS/libwww-perl-5.836/Changes
CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=591580
CONFIRM: https://bugzilla.redhat.com/show_bug.cgi?id=602800
FEDORA: FEDORA-2010-15405
FEDORA: FEDORA-2010-15532
UBUNTU: USN-981-1
VUPEN: ADV-2010-2872