Flaws have been found in the cookie path handling between a number of Web browsers and servers. The HTTP cookie standard allows a Web server supplying a cookie to a client to specify a subset of URLs on the origin server to which the cookie applies. Web servers such as Apache do not filter returned cookies and assume that the client will only send back cookies for requests that fall within the server-supplied subset of URLs. However, by supplying URLs that use path traversal (/../) and character encoding, it is possible to fool many browsers into sending a cookie to a path outside of the originally-specified subset.

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0592
https://rhn.redhat.com/errata/RHSA-2004-075.html

------- Additional Comments From bugs.michael 2004-03-11 14:49:58 ----

rh73:
http://www.fedoralegacy.org/contrib/kde/kdelibs-3.0.5a-0.73.3.legacy.src.rpm
http://www.fedoralegacy.org/contrib/kde/kdelibs-3.0.5a-0.73.3.legacy.i386.rpm
http://www.fedoralegacy.org/contrib/kde/kdelibs-devel-3.0.5a-0.73.3.legacy.i386.rpm

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

f7836682de929906bd1361382ccc2a0bbc41630a  kdelibs-3.0.5a-0.73.3.legacy.src.rpm
254fd2cda09e3a5fe851076c34c48568fc9b23e8  kdelibs-3.0.5a-0.73.3.legacy.i386.rpm
867bffd11f91da9023d56acc0fe174dca966d9a7  kdelibs-devel-3.0.5a-0.73.3.legacy.i386.rpm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQFAUQjs0iMVcrivHFQRAqbmAJ9Z2zDYsAKJglQcb9Qbc9+D/5644QCdGo9X
FjNeSrUfb7Y34ukjlglO4ww=
=JXly
-----END PGP SIGNATURE-----

------- Additional Comments From jkeating 2004-05-18 18:29:07 ----

I don't suppose there is any chance of getting some help with applying this patch to 7.2/8.0?

7.2: kdelibs-2.2.2-9.src.rpm
8.0: kdelibs-3.0.3-8.src.rpm

------- Additional Comments From barryn 2004-05-20 03:58:04 ----

Another kdelibs vulnerability:
https://rhn.redhat.com/errata/RHSA-2004-222.html

BTW, kdelibs-2.2.2-11.src.rpm from RHEL 2.1 could be used to do the 7.2 update, if Fedora Legacy is going to continue 7.2 support.

------- Additional Comments From michal 2004-05-20 19:39:19 ----

Created an attachment (id=681)
proposed rh7.3 and rh9 patches for the latest issues in kdelibs

These patches address issues mentioned in comment #3 and were created by "eye-balling" sources for kdelibs-3.0.5a-0.73.3.legacy and post-3.1.5-kdelibs-ktelnetservice.patch, post-3.1.5-kdelibs-kapplication.patch from kdelibs-3.1.4-5 (FC1 update). Not compiled so far!

The same patch applies to kdelibs-3.1-13 from RH9 (with an offset of -41 lines in the second chunk).

------- Additional Comments From marcdeslauriers 2004-06-08 17:50:54 ----

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Here are 7.3 and 9 rpms. They include patches for CAN-2003-0592 and CAN-2004-0411.

Michal's patch was good, and it matched upstream.

Changelog:
* Tue Jun 08 2004 Marc Deslauriers <marcdeslauriers> 6:3.0.5a-0.73.4.legacy
- - CAN-2004-0411 security patch
- - (KDE Telnet URI Handler File Vulnerability)
- - (Vulnerability in the mailto handler)

7.3:
eb795c1b63dcc12edda1b3746bf10c59499a2e9e  kdelibs-3.0.5a-0.73.4.legacy.i386.rpm
ba3cce2161577f68004bf06b5ea2c43ff1c28e7d  kdelibs-3.0.5a-0.73.4.legacy.src.rpm
07c2f5997b9a212ca43c6c7014714c5f6e2dadfa  kdelibs-devel-3.0.5a-0.73.4.legacy.i386.rpm

9:
926c2fce4e4ac819b64883abbc6682bfa5b8fbea  kdelibs-3.1-14.legacy.i386.rpm
ebe76925e224f5f2e312814f5f7fb24fc6030fb6  kdelibs-3.1-14.legacy.src.rpm
2aecba9849275f4c3ab6b6ecd9c4aef246a1692c  kdelibs-devel-3.1-14.legacy.i386.rpm

Packages will be available here as soon as our shitty DSL line comes back up:
http://www.infostrategique.com/linuxrpms/legacy/7.3/kdelibs-3.0.5a-0.73.4.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/7.3/kdelibs-3.0.5a-0.73.4.legacy.src.rpm
http://www.infostrategique.com/linuxrpms/legacy/7.3/kdelibs-devel-3.0.5a-0.73.4.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/kdelibs-3.1-14.legacy.i386.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/kdelibs-3.1-14.legacy.src.rpm
http://www.infostrategique.com/linuxrpms/legacy/9/kdelibs-devel-3.1-14.legacy.i386.rpm
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)

iD8DBQFAxojsLMAs/0C4zNoRAiR/AJ9gwTCRrROT3Xkf1BOEWZf1H95nWQCcDnig
pHprJ3WQPw9YZ3VThh4GeQY=
=jSpO
-----END PGP SIGNATURE-----

------- Additional Comments From jp107.ac.uk 2004-06-09 06:07:52 ----

RH80 updates (mine, not official legacy) can be found at:
http://www.damtp.cam.ac.uk/user/jp107/rh80-updates/SRPMS/kdelibs-3.0.5a-6.80.1JSP.src.rpm
http://www.damtp.cam.ac.uk/user/jp107/rh80-updates/RPMS/i386/kdelibs-3.0.5a-6.80.1JSP.i386.rpm
http://www.damtp.cam.ac.uk/user/jp107/rh80-updates/RPMS/i386/kdelibs-devel-3.0.5a-6.80.1JSP.i386.rpm

I could describe the patch but you can just look at the srpm if you want.

We have been running this version since May 19th.

------- Additional Comments From marcdeslauriers 2004-09-10 07:37:15 ----

This bug has been superseded by bug 2008

------- Additional Comments From marcdeslauriers 2005-02-28 15:40:42 ----

Packages in bug 2008 were released to updates-testing

------- Bug moved to this database by dkl 2005-03-30 18:23 -------

This bug previously known as bug 1373 at https://bugzilla.fedora.us/
https://bugzilla.fedora.us/show_bug.cgi?id=1373
Originally filed under the Fedora Legacy product and Package request component.

Attachments:
proposed rh7.3 and rh9 patches for the latest issues in kdelibs
https://bugzilla.fedora.us/attachment.cgi?action=view&id=681

Unknown priority P2. Setting to default priority "normal".
Unknown platform PC. Setting to default platform "All".
The original reporter of this bug does not have an account here. Reassigning to the person who moved it here, dkl. Previous reporter was jonny.strom.
Setting qa contact to the default for this product. This bug either had no qa contact or an invalid one.
*** This bug has been marked as a duplicate of 152769 ***
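The cookie-path flaw in the bug description at the top of this thread comes down to a client deciding whether to send a cookie by testing the raw request path against the cookie's Path attribute, before traversal segments and percent-encoding have been resolved. The Python below is an added illustration of that decision, not kdelibs code and not a patch from this thread: the function names (canonical_path, path_matches, naive_should_send, should_send) and the sample request paths are constructed for the example. It shows the flawed prefix test beside a hardened version that canonicalises the path first and then applies the segment-boundary path-match rule later written down in RFC 6265.

```python
import posixpath
import re
from urllib.parse import unquote

# Added example: a cookie jar's "should this cookie be sent?" decision.
# Function names and sample paths are constructed for illustration; this is
# not kdelibs code and not the fix shipped in the packages above.


def canonical_path(raw_path: str) -> str:
    """Reduce a request path to the form the origin server will resolve.

    Percent-encoding is decoded once (as a server does), runs of slashes are
    collapsed, and "." / ".." segments are resolved so that a traversal such
    as /secure/../admin/ can no longer masquerade as living under /secure.
    """
    path = unquote(raw_path)          # "%2e%2e" -> ".."
    path = re.sub(r"/+", "/", path)   # "//secure" -> "/secure"
    if not path.startswith("/"):
        path = "/" + path
    norm = posixpath.normpath(path)   # resolves "." and "..", never above "/"
    if path.endswith("/") and not norm.endswith("/"):
        norm += "/"                   # keep the directory semantics of a trailing slash
    return norm


def path_matches(cookie_path: str, request_path: str) -> bool:
    """RFC 6265 section 5.1.4 path-match on two already-canonical paths."""
    if cookie_path == request_path:
        return True
    if not request_path.startswith(cookie_path):
        return False
    # A prefix only counts on a segment boundary: "/secure" must not
    # match "/securefoo".
    return cookie_path.endswith("/") or request_path[len(cookie_path)] == "/"


def naive_should_send(cookie_path: str, raw_request_path: str) -> bool:
    """The flawed rule: a plain prefix test on the un-normalised request path."""
    return raw_request_path.startswith(cookie_path)


def should_send(cookie_path: str, raw_request_path: str) -> bool:
    """The hardened rule: canonicalise first, then apply the RFC path-match."""
    return path_matches(canonical_path(cookie_path), canonical_path(raw_request_path))


if __name__ == "__main__":
    # Constructed sample requests against a cookie scoped to Path=/secure.
    cookie_path = "/secure"
    samples = [
        "/secure/index.html",            # legitimate: cookie should be sent
        "/secure/../admin/index.html",   # traversal out of the scope
        "/secure/%2e%2e/admin/",         # same, with percent-encoded dots
        "/securefoo",                    # sibling path sharing a prefix
        "/admin/../secure/x",            # traversal back into the scope
    ]
    for raw in samples:
        print(f"{raw:32} canonical={canonical_path(raw):20} "
              f"naive={naive_should_send(cookie_path, raw)!s:5} "
              f"hardened={should_send(cookie_path, raw)}")
```

Running the block prints one row per sample; the two traversal forms and the /securefoo sibling pass the naive test and fail the hardened one, while /admin/../secure/x fails the naive test and passes the hardened one because it resolves to /secure/x. The design point is that the client has to make its decision on the same path the server will act on, which means decoding and normalising before comparing, and comparing on segment boundaries rather than by raw string prefix.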