[19988] in bugtraq
Re: CHINANSL Security Advisory(CSA-200108)
daemon@ATHENA.MIT.EDU (Jon Stevens)
Mon Apr 2 00:31:42 2001
Mime-version: 1.0
Content-type: text/plain; charset="US-ASCII"
Content-transfer-encoding: 7bit
Message-ID: <B6ED18ED.29CA9%jon@latchkey.com>
Date: Sun, 1 Apr 2001 17:42:05 -0700
Reply-To: Jon Stevens <jon@LATCHKEY.COM>
From: Jon Stevens <jon@LATCHKEY.COM>
X-To: lovehacker@chinansl.com
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: <20010331062633.17210.qmail@securityfocus.com>
on 3/30/01 11:26 PM, "lovehacker" <lovehacker@263.NET> wrote:
> Topic:
> Tomcat 3.2.1 for win2000 Directory traversal
> Vulnerability
>
> vulnerable:
> Tomcat 3.2.1 for win2000
> maybe for other operating system also.
>
> discussion:
> A security vulnerability has been found in Windows
> NT/2000 systems that have Tomcat 3.2.1
> installed.The
> vulnerability allows remote attackers to access files
> outside the document root directory scope.
>
> exploits:
> http://target:8080/%2e%2e/%2e%2e/%00.jsp
> It is possible to cause the Tomcat server to Listing
> outside the document root directory scope.
>
> solution:
> None
>
> Copyright 2000-2001 CHINANSL. All Rights
> Reserved. Terms of use.
>
> CHINANSL Security Team
> <lovehacker@chinansl.com>
> CHINANSL INFORMATION TECHNOLOGY CO.,LTD
> (http://www.chinansl.com)
What is with this Copyright stuff?
#1. Please report security issues to security@apache.org and/or
tomcat-dev@jakarta.apache.org first. It seems like that is a common
courtesy.
#2. Please test against the latest Tomcat 4.0 which is 4.0b2. I believe that
this has already been fixed.
p.s. Your lovehacker@263.net email address bounces.
-jon
