
Jakarta Tomcat retrieve arbitrary files
Vulnerability

    Jakarta Tomcat

Affected

    Apache project: Jakarta Tomcat

Description

    Jan Madsen found the following. The Apache project's Jakarta Tomcat
    contains a serious security bug. Tomcat is used together with the
    Apache web server to serve Java Server Pages and Java servlets. A
    summary from the Tomcat development team advisory is posted below.

    Delivered with Tomcat is an example (jsp/source.jsp) that can be
    used to deliver the contents of any file on your machine.

Solution

    The simplest course of action is to simply remove this example
    from your machine. Alternatively, you can replace the associated
    ShowSource.class file with one from the current 3.1 beta.

    Fixes have been made to the core of Tomcat to not allow any file
    references to be resolved outside of the context being used for
    the resolution. Additionally, a change has been made to
    ShowSource.java to disallow any requests which contain the string
    "..".

    The 3.1 beta 1 release has been refreshed with these fixes
    applied.
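    The two fixes described above, rejecting requests that contain ".." and refusing to resolve any file reference outside the context, combined in one check. This is an added illustration, not Tomcat's own ShowSource.java; the class name, the resolve() method and the context path used in main() are assumptions.

```java
import java.nio.file.Path;
import java.nio.file.Paths;
import java.util.Optional;

/**
 * Hypothetical hardened resolver for a "show source" style handler.
 * It applies both mitigations from the advisory before any file is read.
 */
public final class ContextConfinedResolver {

    private final Path contextRoot;

    public ContextConfinedResolver(Path contextRoot) {
        this.contextRoot = contextRoot.toAbsolutePath().normalize();
    }

    /** Returns the resolved file only if it stays inside the context root. */
    public Optional<Path> resolve(String requested) {
        if (requested == null || requested.isEmpty()) {
            return Optional.empty();
        }
        // Fix 1 (the ShowSource.java change): refuse any request containing "..".
        if (requested.contains("..")) {
            return Optional.empty();
        }
        // Leading separators would otherwise make resolve() treat the path as absolute.
        String relative = requested.replaceFirst("^[/\\\\]+", "");
        // Fix 2 (the core Tomcat change): resolve against the context and
        // require the normalized result to remain under the context root.
        Path candidate = contextRoot.resolve(relative).normalize();
        if (!candidate.startsWith(contextRoot)) {
            return Optional.empty();
        }
        return Optional.of(candidate);
    }

    public static void main(String[] args) {
        // Constructed context root; any directory path works for the demonstration.
        ContextConfinedResolver r =
            new ContextConfinedResolver(Paths.get("/var/tomcat/webapps/examples"));
        String[] samples = { "jsp/source.jsp", "../../../etc/passwd" };
        for (String s : samples) {
            System.out.println(s + " -> "
                + r.resolve(s).map(Path::toString).orElse("REJECTED"));
        }
    }
}
```

    Because normalize() works on the path string only, a symbolic link inside the context can still point outside it; call toRealPath() on the candidate and repeat the startsWith() check if the deployment allows symlinks under the web application.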
