Mercurial 'patch.py' Directory Traversal Vulnerability

Bugtraq ID:	30072
Class:	Input Validation Error
CVE:	CVE-2008-2942
Remote:	Yes
Local:	No
Published:	Jul 03 2008 12:00AM
Updated:	Sep 17 2008 09:20PM
Credit:	Brendan Cully
Vulnerable:	S.u.S.E. openSUSE 11.0 rPath rPath Linux 2 Pardus Linux 2008 0 Pardus Linux 2007 0 Mercurial Mercurial 1.0.1 Gentoo Linux
Not Vulnerable:	Mercurial Mercurial 1.0.2

Mercurial 'patch.py' Directory Traversal Vulnerability

Mercurial is prone to a directory-traversal vulnerability because it fails to adequately sanitize user-supplied input.

Attackers can exploit this issue to create or overwrite arbitrary files on a computer hosting the affected application.

Mercurial 1.0.1 is vulnerable; other versions may also be affected.

Mercurial 'patch.py' Directory Traversal Vulnerability

Currently we are not aware of any working exploits. If you feel we are in error or if you are aware of more recent information, please mail us at: [email protected].

Mercurial 'patch.py' Directory Traversal Vulnerability

Solution:
Advisories and fixes are available. Please see the references for more information.

Mercurial 'patch.py' Directory Traversal Vulnerability

References:

• Insufficient input validation in mercurial CVE-2008-2942 (rPath)
  
• Mercurial Changelog - Version 1.0.2 - 2008-08-13 (Mercurial)
  
• Mercurial changeset 6758:87c704ac92d4 (Mercurial)
  
• Vendor Homepage (Mercurial)