Security bug in Apache project: Jakarta Tomcat

2000-03-22T00:00:00
ID SECURITYVULNS:DOC:40
Type securityvulns
Reporter Securityvulns
Modified 2000-03-22T00:00:00

Description

The Apache project: Jakarta Tomcat contains a serious security bug. Tomcat is used together with the Apache web server to serve Java Server Pages and Java servlets. The summary from the Tomcat development team advisory is posted below:

Advisory:

Delivered with Tomcat is an example (jsp/source.jsp) that can be used to deliver the contents of any file on your machine.

Recommended action:

The simplest course of action is to simply remove this example from your machine. Alternatively, you can replace the associated ShowSource.class file with one from the current 3.1 beta.

Fixes:

Fixes have been made to the core of Tomcat to not allow any file references to be resolved outside of the context being used for the resolution. Additionally, a change has been made to ShowSource.java to disallow any requests which contain the string "..".

The 3.1 beta 1 release has been refreshed with these fixes applied.
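The two fixes described above, rejecting requests that contain ".." and refusing to resolve any file reference outside the context, as an added example in Java. This is not Tomcat's own code, and the class name, method name and the constructed temporary context root are assumptions; it shows the general shape of the check and why the canonical-path containment test is the one to rely on:

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;
import java.nio.file.Path;
import java.nio.file.Paths;

// Added example, not Tomcat's code: resolve a user-supplied path strictly
// inside a context root, mirroring the two fixes in the advisory.
public class ContextPathResolver {

    /** Returns the resolved path if it lies inside contextRoot, otherwise throws. */
    public static Path resolveWithinContext(File contextRoot, String requested) throws IOException {
        if (requested == null || requested.isEmpty()) {
            throw new IOException("rejected: empty path");
        }
        // Second fix from the advisory: refuse any request containing "..".
        if (requested.contains("..")) {
            throw new IOException("rejected: path contains \"..\"");
        }
        Path requestedPath = Paths.get(requested);
        // An absolute path can never be "inside" the context; reject it outright.
        if (requestedPath.isAbsolute()) {
            throw new IOException("rejected: absolute path");
        }
        // First fix from the advisory, generalised: normalise the candidate and
        // require it to remain under the (real) context root. Path.startsWith
        // compares whole components, so "ctx-other/x" is not mistaken for "ctx/x".
        Path root = contextRoot.toPath().toRealPath();
        Path candidate = root.resolve(requestedPath).normalize();
        if (!candidate.startsWith(root)) {
            throw new IOException("rejected: resolves outside context");
        }
        // If the target exists, also follow symlinks so a link pointing out of the
        // context is caught (the lexical check above cannot see through links).
        if (Files.exists(candidate) && !candidate.toRealPath().startsWith(root)) {
            throw new IOException("rejected: symlink escapes context");
        }
        return candidate;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sandbox (assumption): a temporary context root with one JSP in it.
        Path root = Files.createTempDirectory("ctx");
        Files.write(root.resolve("index.jsp"), "<%= 1 + 1 %>".getBytes());
        String[] requests = { "index.jsp", "./sub/../index.jsp", "../outside.txt", "/etc/hostname" };
        for (String r : requests) {
            try {
                Path p = resolveWithinContext(root.toFile(), r);
                System.out.println("ALLOW " + r + " -> " + p);
            } catch (IOException e) {
                System.out.println("DENY  " + r + " (" + e.getMessage() + ")");
            }
        }
    }
}
```

In this example only "index.jsp" is served; the other three requests are refused at different checks. The substring test on ".." is cheap and matches what the advisory says was done to ShowSource.java, but on its own it does not cover absolute paths or symlinks, which is why the containment check on the normalised and real path is the one that actually enforces "no file references resolved outside the context".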


Med venlig hilsen/Best regards/Freundliche Grüße

Jan Madsen

S e c u r i t y w o r k e r s Denmark Tlf: (+45) 70 26 88 62 Fax: (+45) 70 26 88 63 http://www.securityworkers.com/ mailto:Jan.Madsen@securityworkers.dk
