CVE-2015-6500

Name of the Vulnerable Software and Affected Versions ownCloud Server versions prior to 8.0.6 ownCloud Server versions 8.1.x prior to 8.1.1

Description The issue allows remote authenticated users to list directory contents and possibly cause a denial of service via a .. (dot dot) in the dir parameter to "index.php/apps/files/ajax/scan.php". This is due to incorrect restriction of the directory path name with limited access. An attacker can exploit this to read the directory contents or cause a denial of service by manipulating the parameter in "index.php/apps/files/ajax/scan.php".

Recommendations For ownCloud Server versions prior to 8.0.6, update to version 8.0.6 or later. For ownCloud Server versions 8.1.x prior to 8.1.1, update to version 8.1.1 or later. As a temporary workaround, consider restricting access to the "index.php/apps/files/ajax/scan.php" endpoint to minimize the risk of exploitation. Avoid using the dir parameter in the affected API endpoint until the issue is resolved.