Launchpad.net

Launchpad Home
Code
Bugs
Blueprints
Translations
Answers

CVE 2011-1589

Directory traversal vulnerability in Path.pm in Mojolicious before 1.16 allows remote attackers to read arbitrary files via a %2f..%2f (encoded slash dot dot slash) in a URI.

Related bugs and status

CVE-2011-1589 (Candidate) is related to these bugs:

Bug #769054: CVE-2011-1589: path traversal security vulnerability

		In	Importance	Status
769054	CVE-2011-1589: path traversal security vulnerability	libmojolicious-perl (Ubuntu)	Medium	Fix Released
769054	CVE-2011-1589: path traversal security vulnerability	libmojolicious-perl (Debian)	Unknown	Fix Released
769054	CVE-2011-1589: path traversal security vulnerability	libmojolicious-perl (Ubuntu Natty)	Medium	Won't Fix

See the

CVE page on Mitre.org for more details.

References

MISC: http://perlninja.poste...
MISC: http://secunia.com/adv...
MISC: http://secunia.com/adv...
MISC: http://www.securityfoc...
MISC: http://www.osvdb.org/7...
MISC: http://www.vupen.com/e...
MISC: http://www.vupen.com/e...
MISC: http://www.debian.org/...
MISC: http://lists.fedorapro...
MISC: http://lists.fedorapro...
MISC: http://openwall.com/li...
MISC: http://openwall.com/li...
MISC: http://openwall.com/li...
MISC: http://bugs.debian.org...
MISC: http://cpansearch.perl...
MISC: http://search.cpan.org...
MISC: https://bugzilla.redha...
MISC: https://github.com/kra...
MISC: https://github.com/kra...
MISC: https://exchange.xforc...