Package: bozohttpd Version: 20090522-2 Severity: grave Tags: security Hi, the following CVE (Common Vulnerabilities & Exposures) ids were published for bozohttpd.
From the original reporter: | "Bozohttpd is started from inetd with a configuration line | in /etc/inetd.conf like this: | www stream tcp nowait root /usr/sbin/tcpd /usr/sbin/bozohttpd /var/www -X -H -S foobar -c /usr/lib/cgi-bin -U www-data -u | | There is a ~user1/public_html and there are other users on the system | but without a public_html | | 1) Go to "http://localhost/~user1/"; | I get the index.html from user1/public_html as expected | 2) Go to "http://localhost/~user2/"; (who don't have a public_html dir) | I get a | "403 Forbidden /~user2/: Access to this item has been denied", as expected | | 3) Go to "http://localhost/~user2/"; again (reload the page) | I don't get the error above, but just the directory index of ~user2 | (/home/user2). | | If I reload the page I get the result of 2) and 3) swapping around. 3) | Shouldn't happen, as there is no public_html there. And anyone can: | a) Probe for user names in the system (dir is there or not) | b) Look at least the name of the files of some user. The latest upstream version fixes both problems If you fix the vulnerabilities please also make sure to include the CVE ids in your changelog entry. For further information see: [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2195 http://security-tracker.debian.org/tracker/CVE-2010-2195 [1] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2010-2320 http://security-tracker.debian.org/tracker/CVE-2010-2320 -- Nico Golde - http://www.ngolde.de - [email protected] - GPG: 0xA0A0AAAA For security reasons, all text in this mail is double-rot13 encrypted.
pgp2iT2fXrn3o.pgp
Description: PGP signature
