This queue is for tickets about the Net-HTTPServer CPAN distribution.

Report information
The Basics
Id: 5625
Status: resolved
Worked: 30 min
Priority: 0/
Queue: Net-HTTPServer

People
Owner: reatmon [...] mail.com
Requestors:
Cc:
AdminCc:

Bug Information
Severity: Critical
Broken in: 0.8.1
Fixed in: (no value)



Subject: Possibility to go beyond the docroot and have access to all the files
If you access http://localhost:5000/.//.../ you'll get one level above the docroot... and then, for each "/.../" you add, you get another level up... thus gaining complete read access to what the web server can access...
I was not able to recreate this behavior, but I went ahead and added more replaces to the _chroot function to look for /\.+ and remove them. So if you enter a URL with /.../, it will just remove that from the final path. I'm closing this. It will be in the 0.9.2 release in a day or so.

Ryan Eatmon
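An added example, not Net::HTTPServer's own _chroot code, of a docroot-confining path resolver in the spirit of the fix described above: dot-only segments such as "." and "..." are dropped, ".." pops a directory and is refused once it would leave the root, and the assembled path is checked against the docroot before anything is opened. The function name, the /var/www root and the sample requests are assumptions constructed for this example.

```perl
#!/usr/bin/perl
use strict;
use warnings;
use File::Spec;

# Map a request path onto the document root, or return undef when the path
# would resolve outside it. Hypothetical example; not Net::HTTPServer's _chroot.
sub resolve_under_docroot {
    my ($docroot, $request_path) = @_;

    # Only the path component is mapped to the filesystem; drop any query string.
    $request_path =~ s/\?.*//;

    # Decode percent-encoding so "%2e%2e" is handled as "..".
    $request_path =~ s/%([0-9A-Fa-f]{2})/chr(hex($1))/ge;

    # NUL bytes never belong in a filesystem path.
    return undef if $request_path =~ /\0/;

    my @out;
    for my $seg (split m{/+}, $request_path) {
        next if $seg eq '';
        if ($seg eq '..') {
            # Refuse to climb above the root rather than silently clamping.
            return undef unless @out;
            pop @out;
            next;
        }
        # "." and runs of dots such as "..." are removed from the path,
        # as in the fix described in the ticket.
        next if $seg =~ /^\.+$/;
        push @out, $seg;
    }

    my $root = File::Spec->canonpath($docroot);
    my $file = @out ? File::Spec->catfile($root, @out) : $root;

    # Defense in depth: the assembled path must still begin with the root.
    return undef unless $file eq $root || index($file, $root . '/') == 0;
    return $file;
}

# Constructed sample requests, including the "/.//.../" form from the report.
for my $p ('/index.html', '/.//.../', '/docs/../about.html',
           '/../outside.txt', '/%2e%2e/outside.txt', '/a/%2e%2e/%2e%2e/x') {
    my $r = resolve_under_docroot('/var/www', $p);
    printf "%-24s => %s\n", $p, defined $r ? $r : 'REJECTED';
}
```

With these inputs the first three requests resolve inside /var/www (the "/.//.../" request maps to the docroot itself) and the last three are rejected.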


This service is sponsored and maintained by Best Practical Solutions and runs on Perl.org infrastructure.

Please report any issues with rt.cpan.org to rt-cpan-admin@bestpractical.com.