Bug 24000 - net-www/webfs
Summary: net-www/webfs
Status: RESOLVED FIXED
Alias: None
Product: Gentoo Security
Classification: Unclassified
Component: Vulnerabilities
Hardware: All Linux
Importance: Highest critical
Assignee: Gentoo Security
Reported: 2003-07-06 13:40 UTC by Daniel Ahlberg (RETIRED)
Modified: 2011-10-30 22:39 UTC
Description Daniel Ahlberg (RETIRED) gentoo-dev 2003-07-06 13:40:08 UTC
-------------------------------------------------------------------------- 
Debian Security Advisory DSA 328-1                     security@debian.org 
http://www.debian.org/security/                             Matt Zimmerman 
June 19th, 2003                         http://www.debian.org/security/faq 
-------------------------------------------------------------------------- 
 
Package        : webfs 
Vulnerability  : buffer overflow 
Problem-Type   : remote 
Debian-specific: no 
CVE Id         : CAN-2003-0445 
 
webfs, a lightweight HTTP server for static content, contains a buffer 
overflow whereby a long Request-URI in an HTTP request could cause 
arbitrary code to be executed.
Comment 1 solar (RETIRED) gentoo-dev 2003-09-29 11:35:10 UTC
From: 	Matt Zimmerman <mdz@debian.org>
Reply-To: 	listadmin@SECURITYFOCUS.COM
To: 	bugtraq@securityfocus.com
Subject: 	[SECURITY] [DSA-392-1] New webfs packages fix buffer overflows,
file and directory exposure
Date: 	Mon, 29 Sep 2003 11:55:36 -0400	

--------------------------------------------------------------------------
Debian Security Advisory DSA 392-1                     security@debian.org
http://www.debian.org/security/                             Matt Zimmerman
September 29th, 2003                        http://www.debian.org/security/faq
--------------------------------------------------------------------------

Package        : webfs
Vulnerability  : buffer overflows, file and directory exposure
Problem-Type   : remote
Debian-specific: no
CVE Ids        : CAN-2003-0832 CAN-2003-0833

Jens Steube reported two vulnerabilities in webfs, a lightweight HTTP
server for static content.

 CAN-2003-0832 - When virtual hosting is enabled, a remote client
 could specify ".." as the hostname in a request, allowing retrieval
 of directory listings or files above the document root.

 CAN-2003-0833 - A long pathname could overflow a buffer allocated on
 the stack, allowing execution of arbitrary code.  In order to exploit
 this vulnerability, it would be necessary to be able to create
 directories on the server in a location which could be accessed by
 the web server.  In conjunction with CAN-2003-0832, this could be a
 world-writable directory such as /var/tmp.

For the current stable distribution (woody) these problems have been fixed
in version 1.17.2.

For the unstable distribution (sid) these problems have been fixed in
version 1.20.
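The CAN-2003-0832 class described above (a Host header used as a directory component under the document root) and the bounded-buffer point from CAN-2003-0833 can be illustrated with a small defensive check. This is an added example, not webfs's own code; the function names vhost_name_ok and build_vhost_root are hypothetical.

```c
#include <stdio.h>
#include <string.h>
#include <ctype.h>

/* Hypothetical helper (not from webfs): accept a hostname only if it is
 * safe to use as a single directory name. Rejects empty names, names
 * containing "..", leading/trailing '.', and anything outside the
 * DNS label alphabet (letters, digits, '.', '-'), so path separators
 * and traversal sequences can never reach the filesystem.
 * Returns 1 if safe, 0 otherwise. */
int vhost_name_ok(const char *host)
{
    size_t n = strlen(host);
    if (n == 0 || n > 253) return 0;
    if (host[0] == '.' || host[n - 1] == '.') return 0;
    if (strstr(host, "..") != NULL) return 0;
    for (size_t i = 0; i < n; i++) {
        unsigned char c = (unsigned char)host[i];
        if (!(isalnum(c) || c == '.' || c == '-')) return 0;
    }
    return 1;
}

/* Hypothetical helper: build "<docroot>/<host>" into a caller-supplied
 * buffer. Refuses unsafe names and refuses to truncate, so a long name
 * is rejected instead of overflowing a fixed-size path buffer.
 * Returns 1 on success, 0 if the request must be refused. */
int build_vhost_root(char *out, size_t outsz, const char *docroot, const char *host)
{
    if (!vhost_name_ok(host)) return 0;
    int n = snprintf(out, outsz, "%s/%s", docroot, host);
    if (n < 0 || (size_t)n >= outsz) return 0;
    return 1;
}

int main(void)
{
    /* Constructed sample Host values, including the ".." case from the advisory. */
    const char *hosts[] = { "example.org", "..", "../etc", "", "a.b" };
    char path[64];
    for (size_t i = 0; i < sizeof hosts / sizeof hosts[0]; i++) {
        int ok = build_vhost_root(path, sizeof path, "/var/www", hosts[i]);
        printf("Host \"%s\": %s\n", hosts[i], ok ? path : "refused");
    }
    return 0;
}
```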
Comment 2 Christian Birchinger (RETIRED) gentoo-dev 2003-09-30 03:59:27 UTC
I just updated the ebuild. It seems that I'm the only one using this software.
I've been using it on production and the new version seems to run fine.
Comment 3 solar (RETIRED) gentoo-dev 2003-10-11 14:58:43 UTC
Aliz,

Do we wish to send a GLSA for this?
Comment 4 Andrew Cooks (RETIRED) gentoo-dev 2004-01-18 04:40:29 UTC
This bug died. If a GLSA wasn't sent, it's probably not relevant anymore.