Impact
This is a directory traversal vulnerability that allows remotely connected clients to destroy and/or manipulate critical files on the host's file system. Whenever a remotely connected client uses the enhanced MKSNAP action and passes a second argument for the snapshot filename that contains directory traversal syntax (for example, MKSNAP ../badsnap), the database server will destroy the file at ../badsnap.snapshot if appropriate permissions aren't set for the process.
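As an added illustration (not Skytable's own code), the following Rust function shows how a server could validate a user-supplied snapshot name before turning it into a path: it rejects separators, parent/current-directory components and any character outside a small allow-list, and only then appends the .snapshot suffix under a fixed snapshot directory. The directory path and the allow-list are assumptions for the example.

```rust
use std::path::{Component, Path, PathBuf};

/// Reasons a snapshot name is rejected before it ever touches the file system.
#[derive(Debug, PartialEq)]
pub enum SnapshotNameError {
    Empty,
    ContainsSeparator,
    ParentOrRootComponent,
    DisallowedChar(char),
}

/// Resolve the on-disk path for a client-supplied snapshot name, refusing
/// anything that could escape `snapshot_dir` (the fix is illustrative, not
/// the project's actual patch).
pub fn resolve_snapshot_path(
    snapshot_dir: &Path,
    name: &str,
) -> Result<PathBuf, SnapshotNameError> {
    if name.is_empty() {
        return Err(SnapshotNameError::Empty);
    }
    // Reject both separator styles so "../badsnap" and "a/b" never reach join().
    if name.contains('/') || name.contains('\\') {
        return Err(SnapshotNameError::ContainsSeparator);
    }
    // The name must parse as exactly one normal component: no "..", ".", or root.
    let mut comps = Path::new(name).components();
    match (comps.next(), comps.next()) {
        (Some(Component::Normal(_)), None) => {}
        _ => return Err(SnapshotNameError::ParentOrRootComponent),
    }
    // Allow-list (assumed policy): ASCII alphanumerics, '-' and '_' only.
    if let Some(c) = name
        .chars()
        .find(|c| !(c.is_ascii_alphanumeric() || *c == '-' || *c == '_'))
    {
        return Err(SnapshotNameError::DisallowedChar(c));
    }
    // Only a validated bare name is joined under the fixed snapshot directory.
    Ok(snapshot_dir.join(format!("{name}.snapshot")))
}

fn main() {
    // Constructed directory for demonstration; not a path from the advisory.
    let dir = Path::new("/var/lib/skytable/snapshots");
    for name in ["nightly-01", "../badsnap", "..", "snap.v1"] {
        println!("{name:?} -> {:?}", resolve_snapshot_path(dir, name));
    }
}
```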
Patches
This security bug has been patched in v0.5.1.
Workarounds
Restrict the permissions of the skyd process to its working directory.
References
For more information
If you have any questions or comments about this advisory: