From: Alain Knaff
Subject: Re: [Mtools] Security bug: Path traversal due to "/" in file names.
Date: Wed, 26 Dec 2007 22:54:38 +0100
User-agent: Thunderbird 2.0.0.6 (X11/20071022)

Timothy Baldwin wrote:
> There is no check for "/" in filenames, so extracting files from a
> specially crafted filesystem will result in files outside the target
> directory being written.
>
> For example, extracting from this image:
> http://www.majoroak.f2s.com/tim/linux/dosfs-exploit.gz
>
> With:
>   mkdir test
>   mcopy -sv -i image ::TEST test/
>
> Results in following extra directories: test/TEST2 test/TEST3 T

Thanks for the note. This is now fixed in today's patch (20071226) on http://mtools.linux.lu

Regards,
Alain
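
The kind of check the report says was missing, as an added example (this is not mtools code and not the 20071226 patch): the 11-byte 8.3 name field of a FAT directory entry is converted to a host file name and refused if it cannot be a single path component. The function names are hypothetical, the sample entries are constructed, and rejecting ".", ".." and embedded NUL bytes goes slightly beyond the "/" case in the report.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Return 1 if name may be used as ONE path component below the target dir. */
int is_safe_component(const char *name)
{
    if (name[0] == '\0' || strcmp(name, ".") == 0 || strcmp(name, "..") == 0)
        return 0;
    return strchr(name, '/') == NULL;   /* the check the report found missing */
}

/* Length of a space-padded field once the trailing padding is removed. */
static size_t trimmed_len(const unsigned char *f, size_t n)
{
    while (n > 0 && f[n - 1] == ' ')
        n--;
    return n;
}

/* Build "BASE.EXT" from an 8.3 field; 0 on success, -1 if the name is unsafe. */
int fat_name_to_component(const unsigned char raw[11], char out[13])
{
    size_t base = trimmed_len(raw, 8), ext = trimmed_len(raw + 8, 3), n;
    if (memchr(raw, '\0', 11) != NULL)  /* a NUL would hide bytes from the check */
        return -1;
    memcpy(out, raw, base);
    n = base;
    if (ext > 0) {
        out[n++] = '.';
        memcpy(out + n, raw + 8, ext);
        n += ext;
    }
    out[n] = '\0';                      /* n <= 12, so out[13] is large enough */
    return is_safe_component(out) ? 0 : -1;
}

int main(void)
{
    /* Constructed 11-byte name fields, not taken from the image in the post. */
    const char *samples[] = { "README  TXT", "../TEST2   ", "..         " };
    char out[13];
    for (size_t i = 0; i < 3; i++)
        if (fat_name_to_component((const unsigned char *)samples[i], out) == 0)
            printf("ok     %s\n", out);
        else
            printf("reject [%s]\n", samples[i]);
    return 0;
}
```

An extractor would run such a check on every name read from the image before joining it to the destination directory, and skip or abort on a rejected entry.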