tomcat-users mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From "Angus Mezick" <amez...@guidestar.org>
Subject RE: security hole on windows tomcat?
Date Mon, 11 Aug 2003 16:56:19 GMT
ARGH! This has gone to just being an apache problem.  Tomcat seems to
have self corrected.  I am very confused but will keep looking.  Apache
still does it though.

> -----Original Message-----
> From: Cox, Charlie [mailto:ccox@cincom.com] 
> Sent: Monday, August 11, 2003 12:40 PM
> To: 'Tomcat Users List'
> Subject: RE: security hole on windows tomcat?
> 
> 
> can you turn on debug for the defaultservlet - set it to 99 
> in conf/web.xml
> and post the log.
> 
> > -----Original Message-----
> > From: Angus Mezick [mailto:amezick@guidestar.org]
> > Sent: Monday, August 11, 2003 12:39 PM
> > To: Tomcat Users List
> > Subject: RE: security hole on windows tomcat?
> > 
> > 
> > Nope, but this mime mapping exists.
> >     <mime-mapping>
> >         <extension>jspf</extension>
> >         <mime-type>text/plain</mime-type>
> >     </mime-mapping>
> > 
> > > -----Original Message-----
> > > From: Cox, Charlie [mailto:ccox@cincom.com] 
> > > Sent: Monday, August 11, 2003 12:15 PM
> > > To: 'Tomcat Users List'
> > > Subject: RE: security hole on windows tomcat?
> > > 
> > > 
> > > did you change any mime-mappings in conf/web.xml? could you 
> > > have a "jsp " in
> > > there somewhere defining it as text?
> > > 
> > > > -----Original Message-----
> > > > From: Angus Mezick [mailto:amezick@guidestar.org]
> > > > Sent: Monday, August 11, 2003 12:15 PM
> > > > To: Tomcat Users List
> > > > Subject: RE: security hole on windows tomcat?
> > > > 
> > > > 
> > > > Ok guys,
> > > > What could I have turned on that would have allowed this bug 
> > > > to happen?
> > > > I can make it happen in both tomcat and tomcat through 
> > > apache.  (Most
> > > > recent of both)  I can provide a site where it DOES happen 
> > > so you guys
> > > > can see what is happening.
> > > > 
> > > > > -----Original Message-----
> > > > > From: Cox, Charlie [mailto:ccox@cincom.com] 
> > > > > Sent: Monday, August 11, 2003 12:07 PM
> > > > > To: 'Tomcat Users List'
> > > > > Subject: RE: security hole on windows tomcat?
> > > > > 
> > > > > 
> > > > > sorry, I don't know - I don't use Apache. This was just a 
> > > > > thought that I
> > > > > had.
> > > > > 
> > > > > I do not have this problem 4.1.24 on Win2k
> > > > > 
> > > > > Charlie
> > > > > 
> > > > > > -----Original Message-----
> > > > > > From: Angus Mezick [mailto:amezick@guidestar.org]
> > > > > > Sent: Monday, August 11, 2003 11:49 AM
> > > > > > To: Tomcat Users List
> > > > > > Subject: RE: security hole on windows tomcat?
> > > > > > 
> > > > > > 
> > > > > > Charlie,  
> > > > > > How do you fix this within apache?
> > > > > > 
> > > > > > > -----Original Message-----
> > > > > > > From: Cox, Charlie [mailto:ccox@cincom.com] 
> > > > > > > Sent: Monday, August 11, 2003 10:15 AM
> > > > > > > To: 'Tomcat Users List'
> > > > > > > Subject: RE: security hole on windows tomcat?
> > > > > > > 
> > > > > > > 
> > > > > > > do you have apache on the front end and are you 
> > only mapping 
> > > > > > > *.jsp where
> > > > > > > *.jsp%20 is not a match and apache would then serve the

> > > > > > file as text?
> > > > > > > 
> > > > > > > Charlie
> > > > > > > 
> > > > > > > > -----Original Message-----
> > > > > > > > From: John Turner [mailto:tomcat-user@johnturner.com]
> > > > > > > > Sent: Monday, August 11, 2003 9:22 AM
> > > > > > > > To: Tomcat Users List
> > > > > > > > Subject: Re: security hole on windows tomcat?
> > > > > > > > 
> > > > > > > > 
> > > > > > > > 
> > > > > > > > Appending "%20" to my Tomcat 4.1.1x URLs 
> generates a 404.
> > > > > > > > 
> > > > > > > > John
> > > > > > > > 
> > > > > > > > Paul Sundling("Webdaddy") wrote:
> > > > > > > > 
> > > > > > > > > I came across what appears to be a security hole
when 
> > > > > > > > running tomcat. 
> > > > > > > > > I'm not sure how widespread it is, but my linux

> > server is 
> > > > > > > > safe, yet my 
> > > > > > > > > windows XP, tomcat 4.1.24 is vulnerable.
> > > > > > > > > 
> > > > > > > > > I found that if you append %20 to a jsp page
it 
> > shows the 
> > > > > > > > source code 
> > > > > > > > > instead of displaying the page:
> > > > > > > > > 
> > > > > > > > > http://192.168.1.54:8080/index.jsp  <shows
page 
> > > as expected>
> > > > > > > > > http://192.168.1.54:8080/index.jsp%20 <shows

> > > source code of 
> > > > > > > > index.jsp>
> > > > > > > > > 
> > > > > > > > > So how widespread is this?
> > > > > > > > > 
> > > > > > > > > Paul Sundling
> > > > > > > > > 
> > > > > > > > > 
> > > > > > > > > 
> > > > > > > > 
> > > > > > > 
> > > > > > 
> > > > > 
> > > > 
> > > 
> > 
> ---------------------------------------------------------------------
> > > > > > > > > To unsubscribe, e-mail: 
> > > > > > tomcat-user-unsubscribe@jakarta.apache.org
> > > > > > > > > For additional commands, e-mail: 
> > > > > > > tomcat-user-help@jakarta.apache.org
> > > > > > > > > 
> > > > > > > > 
> > > > > > > > 
> > > > > > > > 
> > > > > > > > 
> > > > > > > 
> > > > > > 
> > > > > 
> > > > 
> > > 
> > 
> ---------------------------------------------------------------------
> > > > > > > > To unsubscribe, e-mail: 
> > > > > tomcat-user-unsubscribe@jakarta.apache.org
> > > > > > > > For additional commands, e-mail: 
> > > > > > tomcat-user-help@jakarta.apache.org
> > > > > > > > 
> > > > > > > 
> > > > > > > 
> > > > > > 
> > > > > 
> > > > 
> > > 
> > 
> ---------------------------------------------------------------------
> > > > > > > To unsubscribe, e-mail: 
> > > > tomcat-user-unsubscribe@jakarta.apache.org
> > > > > > > For additional commands, e-mail: 
> > > > > tomcat-user-help@jakarta.apache.org
> > > > > > > 
> > > > > > > 
> > > > > > 
> > > > > > 
> > > > > 
> > > > 
> > > 
> > 
> ---------------------------------------------------------------------
> > > > > > To unsubscribe, e-mail: 
> > > tomcat-user-unsubscribe@jakarta.apache.org
> > > > > > For additional commands, e-mail: 
> > > > tomcat-user-help@jakarta.apache.org
> > > > > > 
> > > > > 
> > > > > 
> > > > 
> > > 
> > 
> ---------------------------------------------------------------------
> > > > > To unsubscribe, e-mail: 
> > tomcat-user-unsubscribe@jakarta.apache.org
> > > > > For additional commands, e-mail: 
> > > tomcat-user-help@jakarta.apache.org
> > > > > 
> > > > > 
> > > > 
> > > > 
> > > 
> > 
> ---------------------------------------------------------------------
> > > > To unsubscribe, e-mail: 
> tomcat-user-unsubscribe@jakarta.apache.org
> > > > For additional commands, e-mail: 
> > tomcat-user-help@jakarta.apache.org
> > > > 
> > > 
> > > 
> > 
> ---------------------------------------------------------------------
> > > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > > For additional commands, e-mail: 
> tomcat-user-help@jakarta.apache.org
> > > 
> > > 
> > 
> > 
> ---------------------------------------------------------------------
> > To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> > For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> > 
> 
> ---------------------------------------------------------------------
> To unsubscribe, e-mail: tomcat-user-unsubscribe@jakarta.apache.org
> For additional commands, e-mail: tomcat-user-help@jakarta.apache.org
> 
> 

Mime
View raw message