newsgrab -- directory traversal vulnerability

ID 35F6093C-73C3-11D9-8A93-00065BE4B5B6
Type freebsd
Reporter FreeBSD
Modified 2005-01-18T00:00:00


The newsgrab script creates files by passing the names provided in newsgroup messages to a Perl open() call, without performing any checks to prevent directory traversal. A specially crafted newsgroup message could cause newsgrab to write an attachment anywhere on the file system that the user running the script has permission to write.
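
One way to handle an attachment name taken from a message so that it cannot leave the download directory, shown as an added example (not newsgrab's code and not the project's fix). The function names safe_attachment_path and write_attachment, the temporary directory and the sample names are all constructed for illustration.

```perl
#!/usr/bin/perl
# Added example, not newsgrab's code. safe_attachment_path(), write_attachment()
# and the download directory are hypothetical names chosen for illustration.
use strict;
use warnings;
use File::Basename qw(fileparse);
use File::Spec;
use File::Temp qw(tempdir);
use Fcntl qw(O_WRONLY O_CREAT O_EXCL);

# Reduce a name taken from a message to a single path component inside $dir.
# Returns undef when nothing safe is left.
sub safe_attachment_path {
    my ($dir, $untrusted) = @_;
    return undef unless defined $untrusted;
    $untrusted =~ tr{\\}{/};                 # treat backslashes as separators too
    my ($name) = fileparse($untrusted);      # drop every directory component
    $name =~ s/[^A-Za-z0-9._-]/_/g;          # allow-list of filename characters
    $name =~ s/^\.+//;                       # no ".", "..", or hidden files
    return undef if $name eq '' || length($name) > 255;
    return File::Spec->catfile($dir, $name);
}

# Create the file with sysopen so the name is never parsed for open() mode
# characters, and with O_EXCL so an existing file or symlink is not reused.
sub write_attachment {
    my ($dir, $untrusted, $data) = @_;
    my $path = safe_attachment_path($dir, $untrusted)
        or return undef;
    sysopen(my $fh, $path, O_WRONLY | O_CREAT | O_EXCL, 0600)
        or return undef;
    binmode $fh;
    print {$fh} $data;
    close $fh or return undef;
    return $path;
}

# Constructed sample names, as they might appear in a message.
my $dir = tempdir(CLEANUP => 1);
for my $name ('photo.jpg', '../../.profile', '/etc/cron.d/job', '..\\..\\x.bat', '..') {
    my $path = write_attachment($dir, $name, "data\n");
    printf "%-20s -> %s\n", $name, defined $path ? $path : 'rejected';
}
```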