Mongrel DirHandler Directory Traversal

2008-01-04T17:09:45
ID OSVDB:39866
Type osvdb
Reporter Eric Mason()
Modified 2008-01-04T17:09:45

Description

Solution Description

Upgrade to version 1.0.5 or 1.1.3 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds.

Short Description

Mongrel DirHandler Directory Traversal

References:

Vendor Specific News/Changelog Entry: http://mongrel.rubyforge.org/news.html Secunia Advisory ID:28323 Other Advisory URL: http://rubyforge.org/pipermail/mongrel-users/2007-December/004743.html Other Advisory URL: http://rubyforge.org/pipermail/mongrel-users/2007-December/004742.html Other Advisory URL: http://rubyforge.org/pipermail/mongrel-users/2007-December/004736.html Other Advisory URL: http://rubyforge.org/pipermail/mongrel-users/2007-December/004733.html CVE-2007-6612