[Mailman-Developers] Re: [Mailman-Users] security heads up - path traversal with 2.1.5

Barry Warsaw barry at python.org
Mon Feb 14 23:08:24 CET 2005

On Wed, 2005-02-09 at 17:00, Tokio Kikuchi wrote:

> I've tested with my 1.3.29 installation and verified apache PATH_INFO 
> does convert '//' to '/'. Barry also wanted to clarify which apache 
> version/installation (combination with mailman) is valnerable. Return 
> code of 200 doesn't mean sucessful exploit. You should check mailman 
> logs/error also. (If there is none chances are succesful exploit.)

Tokio, do you do any rewrites in your 1.3.29 config file?  I just have
this gut feeling like there's some kind of rewrite rule that caused this
slash-collapse behavior to be disabled.  FWIW, python.org does not do
rewrites and we weren't vulnerable.


-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 307 bytes
Desc: This is a digitally signed message part
Url : http://mail.python.org/pipermail/mailman-users/attachments/20050214/2d77a7e2/attachment.pgp 

More information about the Mailman-Users mailing list