FreeBSD : h2o -- directory traversal vulnerability (31ea7f73-5c55-11e5-8607-74d02b9a84d5)

This script is Copyright (C) 2015 Tenable Network Security, Inc.


Synopsis :

The remote FreeBSD host is missing a security-related update.

Description :

Yakuzo reports :

H2O (up to version 1.4.4 / 1.5.0-beta1) contains a flaw in its URL
normalization logic.

When file.dir directive is used, this flaw allows a remote attacker to
retrieve arbitrary files that exist outside the directory specified by
the directive.

H2O version 1.4.5 and version 1.5.0-beta2 have been released to
address this vulnerability.

Users are advised to upgrade their servers immediately.

The vulnerability was reported by: Yusuke OSUMI.

See also :

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-5638
http://www.nessus.org/u?e793c14e

Solution :

Update the affected package.

Risk factor :

Medium / CVSS Base Score : 4.3
(CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N)

Family: FreeBSD Local Security Checks

Nessus Plugin ID: 85965 ()

Bugtraq ID:

CVE ID: CVE-2015-5638

Ready to Amp Up Your Nessus Experience?

Get Nessus Professional to scan unlimited IPs, run compliance checks & more

Buy Nessus Professional Now