Summary: | <media-sound/cantata-1.2.2: internal http server allows to download any file (CVE-2013-{7300,7301}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Nikoli <nikoli> |
Component: | Auditing | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | minor | CC: | kde, qt |
Priority: | Normal | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | https://code.google.com/p/cantata/issues/detail?id=356 | ||
Whiteboard: | ~3 [noglsa] | ||
Package list: | Runtime testing required: | --- | |
Bug Depends on: | 497152 | ||
Bug Blocks: |
Description
Nikoli
2013-12-24 06:35:35 UTC
Thanks for the report Rerate as ~3, cause there are no stable versions in tree. 1.2.2 fixes this issue, so closing this as FIXED too. CVE-2013-7301 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7301): Cantata before 1.2.2 does not restrict access to files in the play queue, which allows remote attackers to obtain sensitive information by reading the songs in the queue. CVE-2013-7300 (http://nvd.nist.gov/nvd.cfm?cvename=CVE-2013-7300): Absolute path traversal vulnerability in cantata before 1.2.2 allows local users to read arbitrary files via a full pathname in a request to the internal httpd server. NOTE: this vulnerability can be leveraged by remote attackers using CVE-2013-7301. |