Bug 203088

Summary:	www-servers/apache Windows SMB script disclosure (CVE-2007-6514)
Product:	Gentoo Security	Reporter:	Robert Buchholz (RETIRED) <rbu>
Component:	Vulnerabilities	Assignee:	Gentoo Security <security>
Status:	RESOLVED INVALID
Severity:	normal	CC:	apache-bugs, ismail, lkundrak
Priority:	High
Version:	unspecified
Hardware:	All
OS:	Linux
URL:	http://www.securityfocus.com/archive/1/archive/1/485316/100/0/threaded
Whiteboard:	B3 [upstream]
Package list:		Runtime testing required:	---

Description Robert Buchholz (RETIRED) gentoo-dev

2007-12-22 21:46:28 UTC

CVE-2007-6514 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2007-6514):
  Apache HTTP Server, when running on Linux with a document root on a Windows
  share mounted using smbfs, allows remote attackers to obtain unprocessed
  content such as source files for .php programs via a trailing "\"
  (backslash), which is not handled by the intended AddType directive.

Comment 1 Robert Buchholz (RETIRED) gentoo-dev

2007-12-22 21:48:27 UTC

Apache herd, please advise.

Comment 2 Benedikt Böhm (RETIRED) gentoo-dev

2007-12-23 00:41:41 UTC

as far as i can see, there is no patch available yet .. i'm currently on vacation till Dec 27, but will look at it asap

Comment 3 Sune Kloppenborg Jeppesen (RETIRED) gentoo-dev

2008-01-06 18:35:27 UTC

Any news here?

Comment 4 Benedikt Böhm (RETIRED) gentoo-dev

2008-01-07 22:08:50 UTC

there is no detailed info/patch i can find until today

Comment 5 Benedikt Böhm (RETIRED) gentoo-dev

2008-01-19 10:09:05 UTC

according to red hats bugzilla and the nist entry, this only happens on older 2.4 kernels, so this either needs a kernel fix if we even have any 2.4 left, otherwise INVALID

Comment 6 Robert Buchholz (RETIRED) gentoo-dev

2008-01-19 23:17:48 UTC

No 2.4ers left. Closing.