httpd-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From ga...@main.slink.com (Garey Smiley)
Subject Re: [Fwd: Apache Security Problem]
Date Mon, 08 Apr 1996 14:55:38 GMT
On Mon, 08 Apr 1996 11:36:26 -0600 you wrote:

>Just tried in on 1.1b0a and a 1.1dev of last week. I couldn't
>reproduce this...
>
>--------------5F0458824352
>Content-Type: message/rfc822
>Content-Transfer-Encoding: 7bit
>Content-Disposition: inline
>
>Path: newshost.lanl.gov!ncar!gatech!swrinde!cs.utexas.edu!math.ohio-state.edu!magnus.acs.ohio-state.edu!lerc.nasa.gov!purdue!haven.umd.edu!cville-srv.wam.umd.edu!techno
>From: techno@wam.umd.edu (Nocturnal Guardian)
>Newsgroups: comp.infosystems.www.servers.unix,comp.infosystems.www.servers.misc
>Subject: Apache Security Problem
>Date: 8 Apr 1996 15:48:44 GMT
>Organization: Pacland Central
>Message-ID: <4kbcgs$n98@cville-srv.wam.umd.edu>
>NNTP-Posting-Host: rac1.wam.umd.edu
>X-Newsreader: TIN [version 1.2 PL0]
>Xref: newshost.lanl.gov comp.infosystems.www.servers.unix:14024 comp.infosystems.www.servers.misc:4008
>
>
>I am running the OS/2 port of Apache 1.0.1, and there is a security hole in
>it.  A friend of mine tried to access http://my.server/cgi-bin/, and it 
>gave him a Forbidden - you do not have permission to access /cgi-bin/ on
>this server, which I believe is what it should have done.  Then he tried to
>access http://my.server/.\cgi-bin\/, and it gave him a directory listing of
>/cgi-bin/!  He then was able to read all of the files in that directory.
>I tried to create an index.html file in the cgi-bin directory, and that
>fixed the problem for that directory.  However, I then attempted to access
>http://my.server/.\..\/ and it also gave the directory listing!  I was able
>to access ALL of the files on my hard drive!!!  This is a serious security
>flaw, and I'm wondering if there is any way to fix it.  Has this been fixed
>in 1.0.2 or 1.0.3?

1.0.3 also does this. It is cause by some of the UNIX to OS/2 filenameing
conversion that the EMX libraries do. I am working on a fix. It should be done
in a day or two.


Garey Smiley
SoftLink Services
garey@slink.com
http://www.slink.com/
(216)848-1312 FAX/Data(216)699-4474

Mime
View raw message