Posted to users@tomcat.apache.org by Randy Layman <ra...@aswethink.com> on 2001/07/27 15:25:37 UTC
RE: Warning: Security Hole With IIS & Tomcat
I would have to say probably not. The exploit that we saw a few
weeks ago was that you can send IIS a command to go .. outside of the
inetpub directory (thus going above the root). If you have the default
installation, and inetpub is on the same drive as your WinNT partition, it
allows the hacker to run cmd.exe, from which they can do just about whatever
they want.
The solution to this problem is to have inetpub on a different drive
from your WinNT directory.
Randy
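The traversal Randy describes, and the same-drive condition his fix removes, as an added defensive example that is not from the thread (Python; the web root, Windows directory and log lines are constructed assumptions): it maps a request path onto the web root, rejects anything that resolves above it, and flags such requests in W3C-style log lines.

```python
from pathlib import PureWindowsPath
from urllib.parse import unquote
# Constructed layout for the example; the thread names no concrete paths.
WEBROOT = PureWindowsPath(r"C:\Inetpub\wwwroot")
SYSTEM_DIR = PureWindowsPath(r"C:\WINNT")

def normalize(path):
    """Collapse '.' and '..' segments, which PureWindowsPath keeps verbatim."""
    parts = []
    for part in path.parts:
        if part in ("", "."):
            continue
        if part == "..":
            if len(parts) > 1:  # never pop the drive anchor
                parts.pop()
            continue
        parts.append(part)
    return PureWindowsPath(*parts)

def resolve_request(url_path, webroot=WEBROOT):
    """Map a request path under webroot; None if it would resolve above it."""
    decoded = unquote(url_path.split("?", 1)[0]).replace("/", "\\").lstrip("\\")
    rel = PureWindowsPath(decoded)
    if rel.drive or rel.root:  # absolute or UNC targets are never valid here
        return None
    candidate = normalize(webroot / rel)
    if candidate == webroot or webroot in candidate.parents:
        return candidate
    return None

def system_dir_reachable(webroot=WEBROOT, system_dir=SYSTEM_DIR):
    """Randy's condition: '..' above the root reaches the Windows directory
    only when both sit on the same drive; a separate drive breaks the chain."""
    return PureWindowsPath(webroot).drive.upper() == PureWindowsPath(system_dir).drive.upper()

def flag_traversal(log_lines):
    """Return request paths in W3C-style log lines that escape the web root."""
    flagged = []
    for line in log_lines:
        fields = line.split()
        if line.startswith("#") or len(fields) < 5:  # directives, short lines
            continue
        if resolve_request(fields[4]) is None:
            flagged.append(fields[4])
    return flagged

SAMPLE_LOG = [  # constructed sample lines (date time client method uri status)
    "2001-07-27 13:25:37 10.0.0.5 GET /examples/index.jsp 200",
    "2001-07-27 13:25:41 10.0.0.5 GET /examples/../../WINNT/system32/cmd.exe 200",
]
```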
-----Original Message-----
From: Russell, Steve [mailto:Steve.Russell@valueoptions.com]
Sent: Friday, July 27, 2001 9:47 AM
To: 'tomcat-user@jakarta.apache.org'
Subject: Warning: Security Hole With IIS & Tomcat
Hi;
My company is running a jsp site on IIS 5 with windows 2000, and all of
the security patches.
We discovered that if we use tomcat or jrun 2.3.3 with IIS that
we have to set up the tomcat ( or jrun ) directories as virtual directories
__with execute permissions turned on__.
This got us hacked into.
I don't understand how. It has something to do with how IIS handles
malformed urls leaving IIS open to attacks if directories associated with
a web site have execute permissions granted.
Does Apache have a similar vulnerability?
Steve Russell
Web Developer III
ValueOptions - Lifescape
703-205-6589
steve.russell@valueoptions.com