[Mailman-Developers] Re: [Mailman-Users] security heads up - path traversal with 2.1.5
Barry Warsaw
barry at python.org
Mon Feb 14 23:08:24 CET 2005
On Wed, 2005-02-09 at 17:00, Tokio Kikuchi wrote:
> I've tested with my 1.3.29 installation and verified apache PATH_INFO
> does convert '//' to '/'. Barry also wanted to clarify which apache
> version/installation (combination with mailman) is vulnerable. Return
> code of 200 doesn't mean successful exploit. You should check mailman
> logs/error also. (If there is none chances are successful exploit.)
Tokio, do you do any rewrites in your 1.3.29 config file? I just have
this gut feeling like there's some kind of rewrite rule that caused this
slash-collapse behavior to be disabled. FWIW, python.org does not do
rewrites and we weren't vulnerable.
-Barry