Mailman 3 [Fwd: Fwd: Re: [Mailman-Announce] Critical security update for Mailman 2.1.5 and earlier [origin: mailman-developers-owner@python.org]] - Mailman-Developers

Barry Warsaw

12 Feb 2005 12 Feb '05

5:25 p.m.

Attachments:

signature.asc (application/pgp-signature — 307 bytes)
attachment.eml (message/rfc822 — 4 bytes)

Show replies by date

Harald Meland

17 Feb 17 Feb

1:09 a.m.

...

From: Axel Beckert <beckert@ecos.de> Subject: Re: [Mailman-Announce] Critical security update for Mailman 2.1.5 and earlier To: mailman-developers@python.org

I just want to share my experiences with the patch:

Am Thu, Feb 10, 2005 at 09:41:05AM -0500, Barry Warsaw schrieb:

...
There is a critical security flaw in Mailman 2.1.5 and earlier Mailman 2.1 versions

As I noticed, 2.0.x versions (at least 2.0.13) are vulnerable, too.

I suspect that even 1.x versions of Mailman are vulnerable.

...

Is there any patch which complies with Python 1 syntax?

I think something like this should work, slightly tested using Python 1.5.2.

SLASH = '/'

def true_path(path): "Ensure that the path is safe by removing .." parts = string.split(path, SLASH) safe = filter(lambda x: x not in ('.', '..'), parts) if parts <> safe: # No easy "syslog()" function is necessarily available in # early Mailman versions. # # syslog('mischief', 'Directory traversal attack thwarted') pass return string.join(safe, SLASH)[1:]

-- Harald

7167

Age (days ago)

7172

Last active (days ago)

List overview

Download

1 comments

2 participants

participants (2)

Barry Warsaw
Harald Meland

[Fwd: Fwd: Re: [Mailman-Announce] Critical security update for Mailman 2.1.5 and earlier [origin: mailman-developers-owner@python.org]]

Barry Warsaw

Harald Meland

I think something like this should work, slightly tested using Python 1.5.2.

tags

participants (2)