CVE-2011-2524

Published: 31/08/2011 Updated: 02/02/2012
CVSS v2 Base Score: 5 | Impact Score: 2.9 | Exploitability Score: 10
VMScore: 445
Vector: AV:N/AC:L/Au:N/C:P/I:N/A:N

Vulnerability Summary

Directory traversal vulnerability in soup-uri.c in SoupServer in libsoup prior to 2.35.4 allows remote malicious users to read arbitrary files via a %2e%2e (encoded dot dot) in a URI.

Vulnerable Product

gnome libsoup 2.2

gnome libsoup 2.2.0

gnome libsoup 2.2.1

gnome libsoup 2.2.7

gnome libsoup 2.2.91

gnome libsoup 2.2.98

gnome libsoup 2.2.99

gnome libsoup 2.3.4

gnome libsoup 2.4.0

gnome libsoup 2.24.1

gnome libsoup 2.25.2

gnome libsoup 2.27.1

gnome libsoup 2.27.2

gnome libsoup 2.29.3

gnome libsoup 2.29.5

gnome libsoup 2.31.6

gnome libsoup 2.31.90

gnome libsoup 2.33.6

gnome libsoup 2.33.90

gnome libsoup

gnome libsoup 2.0

gnome libsoup 2.2.6

gnome libsoup 2.2.6.1

gnome libsoup 2.2.96

gnome libsoup 2.2.97

gnome libsoup 2.2.104

gnome libsoup 2.3.0.1

gnome libsoup 2.3.2

gnome libsoup 2.23.92

gnome libsoup 2.24.0.1

gnome libsoup 2.26.0

gnome libsoup 2.26.1

gnome libsoup 2.28.0

gnome libsoup 2.28.1

gnome libsoup 2.30.1

gnome libsoup 2.31.2

gnome libsoup 2.33.4

gnome libsoup 2.33.5

gnome libsoup 2.2.4

gnome libsoup 2.2.5

gnome libsoup 2.2.94

gnome libsoup 2.2.95.1

gnome libsoup 2.2.102

gnome libsoup 2.2.103

gnome libsoup 2.23.6

gnome libsoup 2.23.91

gnome libsoup 2.25.5

gnome libsoup 2.25.91

gnome libsoup 2.27.90

gnome libsoup 2.27.91

gnome libsoup 2.27.92

gnome libsoup 2.29.91

gnome libsoup 2.30.0

gnome libsoup 2.32.1

gnome libsoup 2.32.2

gnome libsoup 2.34.1

gnome libsoup 2.2.2

gnome libsoup 2.2.3

gnome libsoup 2.2.92

gnome libsoup 2.2.93

gnome libsoup 2.2.100

gnome libsoup 2.2.101

gnome libsoup 2.4.1

gnome libsoup 2.23.1

gnome libsoup 2.25.3

gnome libsoup 2.25.4

gnome libsoup 2.27.4

gnome libsoup 2.27.5

gnome libsoup 2.29.6

gnome libsoup 2.29.90

gnome libsoup 2.31.92

gnome libsoup 2.32.0

gnome libsoup 2.33.92

gnome libsoup 2.34.0

Vendor Advisories

Debian Bug report logs - #635837: CVE-2011-2524: SoupServer directory traversal
Package: libsoup2.4; Maintainer for libsoup2.4 is Debian GNOME Maintainers <pkg-gnome-maintainers@lists.alioth.debian.org>; Reported by: Moritz Muehlenhoff <jmm@debian.org>; Date: Thu, 28 Jul 2011 22:27:07 UTC; Severity: grave; Tags: security ...

An attacker could send crafted URLs to a SoupServer application and obtain unintended access to files ...

It was discovered that libsoup, an HTTP library implementation in C, is not properly validating input when processing requests made to SoupServer. A remote attacker can exploit this flaw to access system files via a directory traversal attack. For the oldstable distribution (lenny), this problem has been fixed in version 2.4.1-2+lenny1. For the stab ...