FreeBSD : h2o -- directory traversal vulnerability (31ea7f73-5c55-11e5-8607-74d02b9a84d5)

medium Nessus Plugin ID 85965

Synopsis

The remote FreeBSD host is missing a security-related update.

Description

Yakuzo reports :

H2O (up to version 1.4.4 / 1.5.0-beta1) contains a flaw in its URL normalization logic.

When file.dir directive is used, this flaw allows a remote attacker to retrieve arbitrary files that exist outside the directory specified by the directive.

H2O version 1.4.5 and version 1.5.0-beta2 have been released to address this vulnerability.

Users are advised to upgrade their servers immediately.

The vulnerability was reported by: Yusuke OSUMI.

Solution

Update the affected package.

See Also

http://www.nessus.org/u?102f79db

Plugin Details

Severity: Medium

ID: 85965

File Name: freebsd_pkg_31ea7f735c5511e5860774d02b9a84d5.nasl

Version: 1.6

Type: local

Published: 9/17/2015

Updated: 1/6/2021

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Low

Score: 3.7

CVSS v2

Risk Factor: Medium

Base Score: 4.3

Vector: CVSS2#AV:N/AC:M/Au:N/C:P/I:N/A:N

Vulnerability Information

CPE: p-cpe:/a:freebsd:freebsd:h2o, cpe:/o:freebsd:freebsd

Required KB Items: Host/local_checks_enabled, Host/FreeBSD/release, Host/FreeBSD/pkg_info

Patch Publication Date: 9/16/2015

Vulnerability Publication Date: 9/14/2015

Reference Information

CVE: CVE-2015-5638