Описание
Directory Traversal in send
Versions 0.8.3 and earlier of send are affected by a directory traversal vulnerability. When relying on the root option to restrict file access it may be possible for an application consumer to escape out of the restricted directory and access files in a similarly named directory.
For example, static(_dirname + '/public') would allow access to _dirname + '/public-restricted'.
Recommendation
Update to version 0.8.4 or later.
Ссылки
- https://nvd.nist.gov/vuln/detail/CVE-2014-6394
- https://github.com/visionmedia/send/pull/59
- https://github.com/visionmedia/send/commit/9c6ca9b2c0b880afd3ff91ce0d211213c5fa5f9a
- https://bugzilla.redhat.com/show_bug.cgi?id=1146063
- https://exchange.xforce.ibmcloud.com/vulnerabilities/96727
- https://github.com/advisories/GHSA-xwg4-93c6-3h42
- https://support.apple.com/HT205217
- https://www.npmjs.com/advisories/32
- http://lists.apple.com/archives/security-announce/2015/Sep/msg00002.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-October/139938.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-October/140020.html
- http://lists.fedoraproject.org/pipermail/package-announce/2014-September/139415.html
- http://secunia.com/advisories/62170
- http://www-01.ibm.com/support/docview.wss?uid=swg21687263
- http://www.openwall.com/lists/oss-security/2014/09/24/1
- http://www.openwall.com/lists/oss-security/2014/09/30/10
- http://www.securityfocus.com/bid/70100
Пакеты
send
< 0.8.4
0.8.4
Связанные уязвимости
visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "public" directory.
visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "public" directory.
visionmedia send before 0.8.4 for Node.js uses a partial comparison for verifying whether a directory is within the document root, which allows remote attackers to access restricted directories, as demonstrated using "public-restricted" under a "public" directory.
visionmedia send before 0.8.4 for Node.js uses a partial comparison fo ...