Polipo Unspecified Traversal Arbitrary File Access

2005-09-23T05:50:41
ID OSVDB:19693
Type osvdb
Reporter Wessel Dankers()
Modified 2005-09-23T05:50:41

Description

Vulnerability Description

Polipo contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. No further details have been provided.

Solution Description

Upgrade to version 0.9.9 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Polipo contains a flaw that allows a remote attacker to access arbitrary files outside of the web path. No further details have been provided.

References:

Vendor URL: http://www.pps.jussieu.fr/~jch/software/polipo/ Vendor Specific News/Changelog Entry: http://www.pps.jussieu.fr/~jch/software/polipo/CHANGES.text Secunia Advisory ID:16978 CVE-2005-3163 Bugtraq ID: 14970