[23598] in bugtraq
Re: IRM Security Advisory 002: Netware Web Server Source Disclosure
daemon@ATHENA.MIT.EDU (Ulf Harnhammar)
Fri Dec 21 15:25:11 2001
Date: Fri, 21 Dec 2001 11:53:33 +0100 (CET)
From: Ulf Harnhammar <ulf@nic.st>
To: eNowak IGF remote <nowak@rz.uni-frankfurt.de>
Cc: <bugtraq@securityfocus.com>
In-Reply-To: <20011220T014538Z_B91800000000>
Message-ID: <Pine.LNX.4.33.0112211149340.18352-100000@ebola.iwerk.st>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=ISO-8859-1
Content-Transfer-Encoding: 8BIT
On Thu, 20 Dec 2001, eNowak IGF remote wrote:
> // only read file which is under the secure sewse path -- hence filtering ".."
> if ((argv[i]).indexOf("..") != -1)
> { return "Cannot read from insecure path."; }
This fix does not seem to allow people to use filenames that include the
characters ".." (i.e., "my_document..ulf.txt" is not valid). It is probably
better to parse the file name, so you know what parts are directories and
what part is the file name, and then check the directory parts for the
exact strings "." and "..".
________________________________________
Ulf Härnhammar
System Developer
ST-Registry
St Eriksgatan 117, E2
SE-113 43 Stockholm
SWEDEN
Telephone: +46 (0)8-545 476 04
Facsimile: +46 (0)8-32 63 33
E-mail: ulf@nic.st
Web: http://www.nic.st/
The STreet domain - your Internet address