
Debian Bug report logs - #759573
torrentflux: CVE-2014-6028 CVE-2014-6029


Package: torrentflux; Maintainer for torrentflux is (unknown);

Reported by: Nicolas Guigo <nguigo@isecpartners.com>

Date: Thu, 28 Aug 2014 17:48:02 UTC

Severity: grave

Tags: security, upstream

Found in version torrentflux/2.4-5

Fixed in version 2.4-5.1+rm

Done: Debian FTP Masters <ftpmaster@ftp-master.debian.org>

Bug is archived. No further changes may be made.



Report forwarded to debian-bugs-dist@lists.debian.org, Cameron Dale <camrdale@gmail.com>:
Bug#759573; Package torrentflux. (Thu, 28 Aug 2014 17:48:06 GMT) (full text, mbox, link).


Acknowledgement sent to Nicolas Guigo <nguigo@isecpartners.com>:
New Bug report received and forwarded. Copy sent to Cameron Dale <camrdale@gmail.com>. (Thu, 28 Aug 2014 17:48:07 GMT) (full text, mbox, link).


Message #5 received at submit@bugs.debian.org (full text, mbox, reply):

From: Nicolas Guigo <nguigo@isecpartners.com>
To: "submit@bugs.debian.org" <submit@bugs.debian.org>
Subject: Information Disclosure in TorrentFlux
Date: Thu, 28 Aug 2014 17:44:47 +0000
Package: torrentflux

Version: 2.4.5-1


An authenticated attacker on the webapp can access all users' cookies stored
in the database by iterating the cid (cookie id) in the following fashion:
www.vulnserver.com/torrentflux/profile.php?op=editCookies&cid=<ITERATOR>

The function getCookie is implemented at torrentflux/www/functions.php L395


--

Nicolas Guigo

Senior Security Engineer

iSEC Partners (NCC GROUP)

(206) 948-3687

9C80 28B2 F016 4DA4 24C9  D1D7 129C FDF6 0CDC B828


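The access-control pattern behind this report, as an added illustration that is not TorrentFlux's own code: a cookie row fetched by the client-supplied cid alone, beside the same read, update and delete operations scoped to the session user's uid so that another user's cid never matches. The table and column names (tf_cookies with cid, uid, host, data) and the function signatures are assumptions made for the example.

```php
<?php
// Added example, not TorrentFlux code. Schema (tf_cookies: cid, uid, host, data)
// is assumed for illustration.

// Vulnerable pattern: the row is selected by the caller-supplied cid only, so
// any authenticated user who varies cid reads every user's stored cookies.
function getCookieVulnerable(PDO $db, int $cid): ?array
{
    $st = $db->prepare('SELECT cid, host, data FROM tf_cookies WHERE cid = ?');
    $st->execute([$cid]);
    $row = $st->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

// Hardened pattern: every query is additionally bound to the uid taken from the
// authenticated session, never from the request. A foreign cid yields no row.
function getCookie(PDO $db, int $cid, int $uid): ?array
{
    $st = $db->prepare('SELECT cid, host, data FROM tf_cookies WHERE cid = ? AND uid = ?');
    $st->execute([$cid, $uid]);
    $row = $st->fetch(PDO::FETCH_ASSOC);
    return $row === false ? null : $row;
}

function updateCookie(PDO $db, int $cid, int $uid, string $data): bool
{
    $st = $db->prepare('UPDATE tf_cookies SET data = ? WHERE cid = ? AND uid = ?');
    $st->execute([$data, $cid, $uid]);
    return $st->rowCount() === 1; // false: row missing or owned by someone else
}

function deleteCookie(PDO $db, int $cid, int $uid): bool
{
    $st = $db->prepare('DELETE FROM tf_cookies WHERE cid = ? AND uid = ?');
    $st->execute([$cid, $uid]);
    return $st->rowCount() === 1;
}

// Demo on an in-memory SQLite database with constructed sample rows.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE tf_cookies (cid INTEGER PRIMARY KEY, uid INTEGER, host TEXT, data TEXT)');
$db->exec("INSERT INTO tf_cookies VALUES (1, 10, 'tracker.example', 'alice=secret')");
$db->exec("INSERT INTO tf_cookies VALUES (2, 20, 'tracker.example', 'bob=secret')");
$sessionUid = 10; // logged in as user 10; cid 2 belongs to user 20
var_dump(getCookieVulnerable($db, 2) !== null); // bool(true): other user's row returned
var_dump(getCookie($db, 2, $sessionUid));       // NULL: scoped lookup finds nothing
var_dump(updateCookie($db, 2, $sessionUid, 'x')); // bool(false): no row modified
var_dump(deleteCookie($db, 2, $sessionUid));    // bool(false): no row deleted
```

The same scoping belongs in whatever code path serves op=editCookies, since the reporter's request reaches the row through that entry point.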

Severity set to 'grave' from 'normal' Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Fri, 29 Aug 2014 16:18:08 GMT) (full text, mbox, link).


Added tag(s) upstream and security. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Fri, 29 Aug 2014 16:18:09 GMT) (full text, mbox, link).


Marked as found in versions torrentflux/2.4-5. Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Fri, 29 Aug 2014 16:18:10 GMT) (full text, mbox, link).


Information forwarded to debian-bugs-dist@lists.debian.org, Cameron Dale <camrdale@gmail.com>:
Bug#759573; Package torrentflux. (Fri, 29 Aug 2014 21:21:08 GMT) (full text, mbox, link).


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
Extra info received and forwarded to list. Copy sent to Cameron Dale <camrdale@gmail.com>. (Fri, 29 Aug 2014 21:21:08 GMT) (full text, mbox, link).


Message #16 received at 759573@bugs.debian.org (full text, mbox, reply):

From: Salvatore Bonaccorso <carnil@debian.org>
To: 759573@bugs.debian.org
Subject: Re: Bug#759573: Information Disclosure in TorrentFlux
Date: Fri, 29 Aug 2014 23:18:05 +0200
FTR in the bug: Given that it is also possible to delete or modify
cookies.

Regards,
Salvatore



Changed Bug title to 'torrentflux: CVE-2014-6028 CVE-2014-6029' from 'Information Disclosure in TorrentFlux' Request was from Salvatore Bonaccorso <carnil@debian.org> to control@bugs.debian.org. (Wed, 03 Sep 2014 04:36:06 GMT) (full text, mbox, link).


Reply sent to Debian FTP Masters <ftpmaster@ftp-master.debian.org>:
You have taken responsibility. (Wed, 10 Sep 2014 10:42:40 GMT) (full text, mbox, link).


Notification sent to Nicolas Guigo <nguigo@isecpartners.com>:
Bug acknowledged by developer. (Wed, 10 Sep 2014 10:42:40 GMT) (full text, mbox, link).


Message #23 received at 759573-done@bugs.debian.org (full text, mbox, reply):

From: Debian FTP Masters <ftpmaster@ftp-master.debian.org>
To: 398537-done@bugs.debian.org,407061-done@bugs.debian.org,407065-done@bugs.debian.org,407066-done@bugs.debian.org,428076-done@bugs.debian.org,481894-done@bugs.debian.org,669787-done@bugs.debian.org,677061-done@bugs.debian.org,759573-done@bugs.debian.org,759574-done@bugs.debian.org,
Cc: torrentflux@packages.debian.org, torrentflux@packages.qa.debian.org
Subject: Bug#761008: Removed package(s) from unstable
Date: Wed, 10 Sep 2014 10:40:15 +0000
Version: 2.4-5.1+rm

Dear submitter,

as the package torrentflux has just been removed from the Debian archive
unstable we hereby close the associated bug reports.  We are sorry
that we couldn't deal with your issue properly.

For details on the removal, please see https://bugs.debian.org/761008

The version of this package that was in Debian prior to this removal
can still be found using http://snapshot.debian.org/.

This message was generated automatically; if you believe that there is
a problem with it please contact the archive administrators by mailing
ftpmaster@ftp-master.debian.org.

Debian distribution maintenance software
pp.
Scott Kitterman (the ftpmaster behind the curtain)



Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sun, 26 Apr 2015 07:50:52 GMT) (full text, mbox, link).




Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Mon Jul 28 21:22:47 2025; Machine Name: berlioz
