lundi 11 août 2008

Haha! Saloperie de Tomcat...

... c'est de la merde, je lacherais jamais l'affaire :p

Title: Apache Tomcat Directory Traversal Vulnerability
Author: Simon Ryeo(bar4mi (at), barami (at)
Severity: High
Impact: Remote File Disclosure
Vulnerable Version: prior to 6.0.18
- Best Choice: Upgrade to 6.0.18 (
- Hot fix: Disable allowLinking or do not set URIencoding to utf8 in order to avoid this vulnerability.
- Tomcat 5.5.x and 4.1.x Users: The fix will be included in the next releases. Please apply the hot fix until next release.
- 07.17.2008: Initiate notify (To Apache Security Team)
- 08.02.2008: Responsed this problem fixed and released new version
- 08.05.2008: Notify disclosure (To Apache Tomcat Security Team)
- 08.10.2008: Responsed with some suggestions.

As Apache Security Team, this problem occurs because of JAVA side.
If your context.xml or server.xml allows 'allowLinking'and 'URIencoding' as
'UTF-8', an attacker can obtain your important system files.(e.g. /etc/passwd)

If your webroot directory has three depth(e.g /usr/local/wwwroot), An
attacker can access arbitrary files as below. (Proof-of-concept)

# [2008-08-11]

Et puis, tant qu'on parle de Milw0rm, un petit truc que j'avais plutôt bien aimé : ICI

Aucun commentaire: