Newsgrab Multiple Local And Remote Vulnerabilities
BID:12428
Info
Newsgrab Multiple Local And Remote Vulnerabilities
| Bugtraq ID: | 12428 |
| Class: | Unknown |
| CVE: |
CVE-2005-0153 CVE-2005-0154 |
| Remote: | Yes |
| Local: | Yes |
| Published: | Feb 02 2005 12:00AM |
| Updated: | Jul 12 2009 10:06AM |
| Credit: | Discovery of these vulnerabilities is credited to Niels Heinen. |
| Vulnerable: |
Newsgrab Newsgrab 0.5.0pre4 |
| Not Vulnerable: | |
Discussion
Newsgrab Multiple Local And Remote Vulnerabilities
Newsgrab is reported prone to multiple vulnerabilities. The following individual issues are reported:
Newsgrab is reported prone to a directory traversal vulnerability. This vulnerability exists because the software does not sufficiently sanitize directory traversal sequences from filenames before the filename is employed to store the file onto disk.
A remote attacker may exploit this vulnerability by supplying a malicious file to a target victim. This vulnerability has been assigned the CVE identifier CAN-2005-0153.
Newsgrab is reported prone to an unspecified insecure permissions vulnerability.
A local attacker may exploit this vulnerability to disclose potentially sensitive information that is contained in files that were downloaded using newsgrab. This vulnerability has been assigned the CVE identifier CAN-2005-0154.
Newsgrab is reported prone to multiple vulnerabilities. The following individual issues are reported:
Newsgrab is reported prone to a directory traversal vulnerability. This vulnerability exists because the software does not sufficiently sanitize directory traversal sequences from filenames before the filename is employed to store the file onto disk.
A remote attacker may exploit this vulnerability by supplying a malicious file to a target victim. This vulnerability has been assigned the CVE identifier CAN-2005-0153.
Newsgrab is reported prone to an unspecified insecure permissions vulnerability.
A local attacker may exploit this vulnerability to disclose potentially sensitive information that is contained in files that were downloaded using newsgrab. This vulnerability has been assigned the CVE identifier CAN-2005-0154.
Exploit / POC
Newsgrab Multiple Local And Remote Vulnerabilities
The following example is available:
A file containing the name '../../../../etc/rc.local' and the mode 777 could cause newsgrab to drop the file at /etc/rc.local with 777 permissions.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
The following example is available:
A file containing the name '../../../../etc/rc.local' and the mode 777 could cause newsgrab to drop the file at /etc/rc.local with 777 permissions.
Currently we are not aware of any exploits for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution / Fix
Newsgrab Multiple Local And Remote Vulnerabilities
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
Solution:
Currently we are not aware of any vendor-supplied patches for this issue. If you feel we are in error or are aware of more recent information, please mail us at: [email protected] <mailto:[email protected]>.
References
Newsgrab Multiple Local And Remote Vulnerabilities
References:
References:
- Newsgrab (Niels Heinen)
- Newsgrab Homepage (Newsgrab)