Subject: Security bug in Apache project: Jakarta Tomcat
From: Jan Madsen (Jan.Madsen@SECURITYWORKERS.DK)
Date: Tue Mar 21 2000 - 18:08:15 CST
The Apache project: Jakarta Tomcat contains a serious security bug.
Tomcat is used together with the Apache web server to serve Java Server
Pages and Java servlets.
Summary from the Tomcat development team advisory is posted below:
Advisory:
Delivered with Tomcat is an example (jsp/source.jsp) that can be used to
deliver the contents of any file on your machine.
Recommended action:
The simplest course of action is to simply remove this example from your
machine. Alternatively, you can replace the associated ShowSource.class file
with one from the current 3.1 beta.
Fixes:
Fixes have been made to the core of Tomcat to not allow any file references
to be resolved outside of the context being used for the resolution.
Additionally, a change has been made to ShowSource.java to disallow any
requests which contain the string "..".
The 3.1 beta 1 release has been refreshed with these fixes applied.
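The two fixes the advisory describes are a string filter on ".." in ShowSource.java and, in the Tomcat core, a rule that file references may only resolve inside the current context. The following Java class is an added illustration of that second rule, written for this post; it is not Tomcat's code and the class name ContextPathResolver, the method names and the temp-directory layout in main are all constructed for the example. It canonicalises the requested path against the context root and rejects anything whose canonical form is not under that root, which also covers symlinks and any other way of spelling a path that a plain ".." check does not see.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;

// Hypothetical helper (not Tomcat's own code): resolve a request path against a
// web application's context root and refuse anything that escapes it.
public final class ContextPathResolver {
    private final File contextRoot;

    public ContextPathResolver(File contextRoot) throws IOException {
        // Canonical root: symlinks and "." / ".." segments are resolved once, up front.
        this.contextRoot = contextRoot.getCanonicalFile();
    }

    // The cheap first-line filter the advisory describes for ShowSource.java.
    public static boolean containsDotDot(String requestPath) {
        return requestPath != null && requestPath.contains("..");
    }

    // Returns the canonical file if it lies strictly inside the context root,
    // otherwise null. The canonical-prefix comparison is the check that actually
    // confines the reference; the ".." filter is only an early rejection.
    public File resolve(String requestPath) throws IOException {
        if (requestPath == null || containsDotDot(requestPath)) {
            return null;
        }
        // File(parent, child) treats an absolute child as relative to parent on Unix.
        File candidate = new File(contextRoot, requestPath).getCanonicalFile();
        String rootPrefix = contextRoot.getPath() + File.separator;
        return candidate.getPath().startsWith(rootPrefix) ? candidate : null;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample layout in a temp dir: <base>/webapp/index.jsp is
        // inside the context, <base>/secret.txt is outside it.
        File base = Files.createTempDirectory("ctx").toFile();
        File webapp = new File(base, "webapp");
        webapp.mkdirs();
        new File(webapp, "index.jsp").createNewFile();
        new File(base, "secret.txt").createNewFile();

        ContextPathResolver resolver = new ContextPathResolver(webapp);
        System.out.println("index.jsp     -> " + resolver.resolve("index.jsp"));      // canonical path inside root
        System.out.println("../secret.txt -> " + resolver.resolve("../secret.txt"));  // null: rejected
        System.out.println("(empty)       -> " + resolver.resolve(""));               // null: the root itself is not a file inside it
    }
}
```

A caller that serves the returned file should still check that it exists and is a regular file; the resolver only answers the question "is this reference inside the context", which is the property the core fix restores.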
.........................................................................
...........................................................................
Med venlig hilsen/Best regards/Freundliche Grüße
Jan Madsen
S e c u r i t y w o r k e r s
Denmark
Tlf: (+45) 70 26 88 62
Fax: (+45) 70 26 88 63
http://www.securityworkers.com/
mailto:Jan.Madsen@securityworkers.dk
...........................................................................
.........................................................................