info-mtools

Re: [Mtools] Security bug: Path traversal due to "/" in file names.


From: Alain Knaff
Subject: Re: [Mtools] Security bug: Path traversal due to "/" in file names.
Date: Wed, 26 Dec 2007 22:54:38 +0100
User-agent: Thunderbird 2.0.0.6 (X11/20071022)

Timothy Baldwin wrote:
There is no check for "/" in filenames, so extracting files from a specially
crafted filesystem will result in files outside the target directory being
written.

For example, extracting from this image:
http://www.majoroak.f2s.com/tim/linux/dosfs-exploit.gz

With:
mkdir test
mcopy -sv -i image ::TEST test/

Results in following extra directories:
test/TEST2
test/TEST3
T


Thanks for the note.

This is now fixed in today's patch (20071226) on http://mtools.linux.lu

Regards,

Alain
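
An added example, not part of the original thread and not the mtools patch: one way an extractor can validate a FAT directory entry name before using it as a host path component. It assumes the name comes from the raw 11-byte 8.3 field (long-name entries are not handled); fat_name_to_host and copy_field are hypothetical names, and the sample names are constructed.

```c
#include <stdio.h>
#include <string.h>

/* Copy the space-padded field src[0..n) into dst without trailing spaces.
 * Returns the byte count, or -1 if a byte is unsafe in a host file name. */
static int copy_field(const unsigned char *src, int n, char *dst)
{
    while (n > 0 && src[n - 1] == ' ')
        n--;
    for (int i = 0; i < n; i++) {
        /* '/' is the host path separator; NUL would truncate the name. */
        if (src[i] == '/' || src[i] == '\0')
            return -1;
        dst[i] = (char)src[i];
    }
    return n;
}

/* Convert a raw 8.3 name into "BASE.EXT". Returns 0 on success, -1 if the
 * name must not be created on the host. out holds 8 + 1 + 3 + NUL bytes. */
int fat_name_to_host(const unsigned char raw[11], char out[13])
{
    char ext[3];
    int len = copy_field(raw, 8, out);
    int e = copy_field(raw + 8, 3, ext);
    if (len <= 0 || e < 0)
        return -1;              /* unsafe byte or empty base name */
    if (e > 0) {
        out[len++] = '.';
        memcpy(out + len, ext, (size_t)e);
        len += e;
    }
    out[len] = '\0';
    /* "." and ".." are directory links, never extraction targets. */
    if (strcmp(out, ".") == 0 || strcmp(out, "..") == 0)
        return -1;
    return 0;
}

int main(void)
{
    /* Constructed 11-byte names, not taken from the image in the report. */
    const char *names[] = { "TEST2   TXT", "../T       ", "..         " };
    char out[13];
    for (int i = 0; i < 3; i++) {
        int ok = fat_name_to_host((const unsigned char *)names[i], out) == 0;
        printf("[%s] -> %s\n", names[i], ok ? out : "REJECTED");
    }
    return 0;
}
```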

