Launchpad.net

CVE 2007-0159

Directory traversal vulnerability in the GeoIP_update_database_general function in libGeoIP/GeoIPUpdate.c in GeoIP 1.4.0 allows remote malicious update servers (possibly only update.maxmind.com) to overwrite arbitrary files via a .. (dot dot) in the database filename, which is returned by a request to app/update_getfilename.

Related bugs and status

CVE-2007-0159 (Candidate) is related to these bugs:

Bug #1861101: [MIR]: dependency of bind9

		In	Importance	Status
1861101	[MIR]: dependency of bind9	libmaxminddb (Ubuntu)	Undecided	Fix Released
1861101	[MIR]: dependency of bind9	nginx (Ubuntu)	Undecided	Fix Released
1861101	[MIR]: dependency of bind9	Release Notes for Ubuntu	Undecided	Fix Released
1861101	[MIR]: dependency of bind9	python-geoip2 (Ubuntu)	Undecided	Fix Released
1861101	[MIR]: dependency of bind9	python-maxminddb (Ubuntu)	Undecided	Fix Released

See the

CVE page on Mitre.org for more details.

References

MISC: http://arctic.org/~dea...
BID: 21959
UBUNTU: USN-412-1
SECUNIA: 23880
SECUNIA: 23906
MANDRIVA: MDKSA-2007:004
OSVDB: 31618
VUPEN: ADV-2007-0117
VUPEN: ADV-2007-0118
XF: geoip-geoipupdate-dire...