Arbirary file access possible on Windows
27 views
Skip to first unread message
Sriram Melkote
Dec 14, 2012, 5:56:25 PM12/14/12
to moch...@googlegroups.com
Hi,
On Windows, it is possible to access arbitrary files by crafting a GET with unescaped backslash characters. Please see below for an example. This was raised in http://www.couchbase.com/issues/browse/MB-7390. I've made a possible fix for this, https://github.com/melkote/mochiweb/commit/ac2bf
Thanks,
Sriram
GET /..............\ff\asubdir\secretfile
HTTP/1.1 200 OK
Server: MochiWeb/1.0 (Any of you quaids got a smint?)
Content-Type: text/plain
Content-Length: 14
Hello
World
On Windows, it is possible to access arbitrary files by crafting a GET with unescaped backslash characters. Please see below for an example. This was raised in http://www.couchbase.com/issues/browse/MB-7390. I've made a possible fix for this, https://github.com/melkote/mochiweb/commit/ac2bf
Thanks,
Sriram
GET /..............\ff\asubdir\secretfile
HTTP/1.1 200 OK
Server: MochiWeb/1.0 (Any of you quaids got a smint?)
Content-Type: text/plain
Content-Length: 14
Hello
World
Reply all
Reply to author
Forward
0 new messages