Bugtraq mailing list archives

Vulnerability in Resin Webserver


From: joetesta () HUSHMAIL COM
Date: Thu, 15 Feb 2001 20:47:02 -0800

----- Begin Hush Signed Message from joetesta () hushmail com -----

Vulnerability in Resin Webserver




    Overview

Resin 1.2.2 is a webserver available from http://www.caucho.com and
http://java.tucows.com.  A vulnerability exists which allows a remote
user to break out of the web root using relative path segments (i.e. '..', '...').



    Details

Resin does in fact check that the requested path lies within the webroot,
but by inserting a backslash before any '..' or '...', it is possible
to defeat the check.  The following URL demonstrates this vulnerability:


        http://localhost:8080/\../readme.txt
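
The following is an added illustration of the failure pattern described above; it is
not Resin's source code, and the document roots it uses are assumed, not Resin's
defaults.  It models a check of the shape the advisory describes (reject only a
forward-slash-delimited segment that is literally '..' or '...'), shows why the
'\..' segment passes that check and still walks out of the root on a filesystem that
treats '\' as a separator, and contrasts it with a resolver that canonicalizes the
request first and only then tests containment:

```python
import ntpath
import posixpath
from typing import Optional

# Illustrative document roots (assumed for this example, not Resin's real defaults).
POSIX_WEBROOT = "/var/www/webapps/root"
WINDOWS_WEBROOT = r"C:\resin\doc"


def naive_in_webroot(url_path: str) -> bool:
    """A check of the shape the advisory describes: reject the request only
    when a forward-slash-delimited segment is literally '..' or '...'.
    The segment '\\..' is neither, so it passes."""
    return not any(seg in ("..", "...") for seg in url_path.split("/"))


def naive_map_windows(url_path: str) -> str:
    """What a server that passed the check above and then handed the raw
    request path to a Windows filesystem would actually open: '\\' is a
    path separator there, so '\\..' walks up out of the document root."""
    return ntpath.normpath(WINDOWS_WEBROOT + url_path)


def hardened_resolve(url_path: str) -> Optional[str]:
    """Canonicalize first, then check containment, in that order.
    Returns the mapped filesystem path, or None if the request escapes."""
    # Treat backslash as a separator *before* any dot-segment logic runs.
    p = url_path.replace("\\", "/")
    full = posixpath.normpath(posixpath.join(POSIX_WEBROOT, p.lstrip("/")))
    # Containment is decided on the normalized path, not on the raw request.
    if posixpath.commonpath([POSIX_WEBROOT, full]) != POSIX_WEBROOT:
        return None
    # '...' is not special to normpath, but some Windows filesystems treated
    # it as a parent reference; refuse any remaining all-dots segment rather
    # than guess at the host's semantics.
    rel = full[len(POSIX_WEBROOT):].strip("/")
    if any(len(seg) >= 2 and set(seg) == {"."} for seg in rel.split("/")):
        return None
    return full


def demo(url_path: str) -> dict:
    """Run one request through both the naive and the hardened logic."""
    return {
        "naive_check_passes": naive_in_webroot(url_path),
        "windows_naive_target": naive_map_windows(url_path),
        "hardened": hardened_resolve(url_path),
    }


if __name__ == "__main__":
    # Constructed sample requests, including the advisory's own URL path.
    for req in ("/readme.txt", "/../readme.txt", "/\\../readme.txt", "/.../readme.txt"):
        print(req, demo(req))
```

The point of the ordering in hardened_resolve is that every alternate separator and
dot form is folded into one canonical path before the webroot comparison, so there is
no encoding of a parent reference left for the comparison to miss.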



    Solution

A fixed upgrade, 1.2.3, was released and is available at:


        http://www.caucho.com/download/index.xtp



    Vendor Status

Caucho Technology, Inc was notified via <resin () caucho com> and
<ferg () caucho com> on Sunday, January 28, 2001.  I would like to congratulate
Caucho for being the first cooperative vendor I have ever dealt with.


    - Joe Testa  ( e-mail: joetesta () hushmail com / AIM: LordSpankatron )


----- Begin Hush Signature v1.3 -----
An0eed7ic2H8Vtwjs3cQulZsm6R8EEwEMFlftmkdq+W6lBV+uEITb9LSwXnLtJGWUwaH
ATRTVglHrpuXliZsKdOLkr1V6e+DpfmUpi0EgNnYn0watuvzd1nPfwW7QSXInSdMWuBu
KRoEXT3jn3WE4kdyDvbbZ6i8jsN7+mYuSs3JCgELd3t/kumhSfQa7JyxRkO9JUUiJo0q
NWSvr5rI60ioW/xv7SS5SGd/Fi9LYKmAPGNRNk86EfTXJsSF5BaogliJT1BvjdOh5Spn
Zrng815s3CZweudPh+I7DLmddZefRqpCV6fyp/juittDhpZ9y7WZpy6Ea4LtPfpo07jk
tSHqUg2R4cCRJBwj8M+pRGVmfYK1Zhli7AivtznD62DfxEv5abHrPMGwlNabpAc7NHBc
8f7eHUFFTkR0Eb3YAk5y4e+PREaQ6jEbUKS6yIf29Xh6+iZybGssClim0d8SO/2xG5dL
tE1WgFJgv1Jd7p+iuXhVu4T65DMhYFi2FluHFYB2g6Gg
----- End Hush Signature v1.3 -----
This message has been signed with a Hush Digital Signature.
To verify the signature, please go to www.hush.com/tools
