[mythtv] Attackers can read any file on host via MythTV
Isaac Richards
ijr at case.edu
Sun Mar 20 06:36:22 UTC 2005
On Sunday 20 March 2005 01:17 am, Jonathan T Wang wrote:
> Hi,
>
> I believe I've found a security hole in Myth - in
> MainServer::LocalFilePath, MythTV does not check whether the QUrl passed
> in by the client in MainServer::HandleAnnounce contains any instances
> of "../"
>
> This means that an attacker could cause MythTV to send him any file on the
> system readable by the mythtv user.
Read the code again.
Isaac
More information about the mythtv-dev mailing list