-------------------------------------------------------------------------- Debian Security Advisory DSA 328-1 security@debian.org http://www.debian.org/security/ Matt Zimmerman June 19th, 2003 http://www.debian.org/security/faq -------------------------------------------------------------------------- Package : webfs Vulnerability : buffer overflow Problem-Type : remote Debian-specific: no CVE Id : CAN-2003-0445 webfs, a lightweight HTTP server for static content, contains a buffer overflow whereby a long Request-URI in an HTTP request could cause arbitrary code to be executed.
From: Matt Zimmerman <mdz@debian.org> Reply-To: listadmin@SECURITYFOCUS.COM To: bugtraq@securityfocus.com Subject: [SECURITY] [DSA-392-1] New webfs packages fix buffer overflows, file and directory exposure Date: Mon, 29 Sep 2003 11:55:36 -0400 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 - -------------------------------------------------------------------------- Debian Security Advisory DSA 392-1 security@debian.org http://www.debian.org/security/ Matt Zimmerman September 29th, 2003 http://www.debian.org/security/faq - -------------------------------------------------------------------------- Package : webfs Vulnerability : buffer overflows, file and directory exposure Problem-Type : remote Debian-specific: no CVE Ids : CAN-2003-0832 CAN-2003-0833 Jens Steube reported two vulnerabilities in webfs, a lightweight HTTP server for static content. CAN-2003-0832 - When virtual hosting is enabled, a remote client could specify ".." as the hostname in a request, allowing retrieval of directory listings or files above the document root. CAN-2003-0833 - A long pathname could overflow a buffer allocated on the stack, allowing execution of arbitrary code. In order to exploit this vulnerability, it would be necessary to be able to create directories on the server in a location which could be accessed by the web server. In conjunction with CAN-2003-0832, this could be a world-writable directory such as /var/tmp. For the current stable distribution (woody) these problems have been fixed in version 1.17.2. For the unstable distribution (sid) these problems have been fixed in version 1.20.
I just updated the ebuild. It seems that i'm the only one using this software. I've been using it on production and new version seems to run fine.
Aliz, Do we wish to send a GLSA for this?
This bug died. If a GLSA wasn't sent, it's probably not relevant anymore.