general/7357: URLs containing invalid paths in combination with .. are served

[Stefan Fr�hlich <St...@Froehlich.Priv.at>]

>Number:         7357
>Category:       general
>Synopsis:       URLs containing invalid paths in combination with .. are served
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    apache
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   apache
>Arrival-Date:   Sun Mar 04 15:40:01 PST 2001
>Closed-Date:
>Last-Modified:
>Originator:     Stefan@Froehlich.Priv.at
>Release:        1.3.17
>Organization:
apache
>Environment:
Linux euklid 2.4.1 #4 SMP Thu Feb 1 20:24:02 CET 2001 i686 unknown
>Description:
For example: the URL
http://www.weltenhaus.net/diverse/moerder/../BER204.JPG
provides a perfect result even though the path "moerder" is not
existant at the server. Doing this, people can a) severely skew
my statistics by introducing arbitrary keywords and b) publish
URLs on my server which sound clearly misleading.
>How-To-Repeat:
http://www.weltenhaus.net/diverse/moerder/../BER204.JPG
>Fix:
Check the complete path for existance instead of taking the shortcut and
reducing it with the given instances of ".."
>Release-Note:
>Audit-Trail:
>Unformatted:
 [In order for any reply to be added to the PR database, you need]
 [to include <ap...@Apache.Org> in the Cc line and make sure the]
 [subject line starts with the report component and number, with ]
 [or without any 'Re:' prefixes (such as "general/1098:" or      ]
 ["Re: general/1098:").  If the subject doesn't match this       ]
 [pattern, your message will be misfiled and ignored.  The       ]
 ["apbugs" address is not added to the Cc line of messages from  ]
 [the database automatically because of the potential for mail   ]
 [loops.  If you do not include this Cc, your reply may be ig-   ]
 [nored unless you are responding to an explicit request from a  ]
 [developer.  Reply only with text; DO NOT SEND ATTACHMENTS!     ]