You are viewing a plain text version of this content. The canonical link for it is here.
Posted to dev@tomcat.apache.org by bu...@apache.org on 2017/09/20 12:37:35 UTC
[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload
bypass
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542
Remy Maucherat <re...@apache.org> changed:
What |Removed |Added
----------------------------------------------------------------------------
Summary|none |Apache Tomcat Remote Code
| |Execution via JSP Upload
| |bypass
--- Comment #2 from Remy Maucherat <re...@apache.org> ---
Hum, actually this looks like a File API issue. With the (correct) /1.jsp/ path
input, (new File(name)).getPath() just strips the trailing '/', and of course
getAbsolutePath, which is used for the safety net check, also does it. There's
a problem there.
Restoring the BZ name since it's pointless.
--
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscribe@tomcat.apache.org
For additional commands, e-mail: dev-help@tomcat.apache.org