Using backslash on Path, arbitrary files can be accessed on Windows #92

Closed
melkote opened this issue Dec 14, 2012 · 3 comments

melkote commented Dec 14, 2012

On Windows, it is possible to access arbitrary files by crafting a GET with unescaped backslash characters. For example:

```
GET /..............\ff\asubdir\secretfile

HTTP/1.1 200 OK
Server: MochiWeb/1.0 (Any of you quaids got a smint?)
Content-Type: text/plain
Content-Length: 14

Hello
World
```

Origin: http://www.couchbase.com/issues/browse/MB-7390
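
The report above comes down to a relative-path check that only treats `/` as a separator, while Windows file APIs also accept `\`. The following is an added example, not mochiweb's code and not the change merged for this issue; the module name, function names and sample inputs are hypothetical and constructed for illustration.

```erlang
%% Added example: a "/"-only path check next to one that also rejects "\".
-module(safe_path_example).
-export([naive_relative/1, safe_relative/1, demo/0]).

%% Naive check: resolves "." and ".." after splitting on "/" only.
%% A component such as "..\\..\\secret" is one opaque name here, so it
%% is accepted, and Windows later treats each "\" as a separator.
-spec naive_relative(string()) -> {ok, string()} | unsafe.
naive_relative("/" ++ _) -> unsafe;
naive_relative(Path) -> walk(string:tokens(Path, "/"), []).

%% Hardened check: any backslash makes the path unsafe before the
%% component walk runs, so "\" can never act as a hidden separator.
-spec safe_relative(string()) -> {ok, string()} | unsafe.
safe_relative("/" ++ _) -> unsafe;
safe_relative(Path) ->
    case lists:member($\\, Path) of
        true  -> unsafe;
        false -> walk(string:tokens(Path, "/"), [])
    end.

%% Walk the components, keeping a stack of directories entered so far.
walk([], Acc) ->
    {ok, string:join(lists:reverse(Acc), "/")};
walk(["." | Rest], Acc) ->
    walk(Rest, Acc);
walk([".." | _], []) ->
    unsafe;                       % ".." would leave the document root
walk([".." | Rest], [_ | Acc]) ->
    walk(Rest, Acc);
walk([Part | Rest], Acc) ->
    walk(Rest, [Part | Acc]).

%% Constructed inputs; each result is {Input, NaiveResult, SafeResult}.
demo() ->
    Inputs = ["index.html",
              "css/../index.html",
              "../outside.txt",
              "..\\..\\asubdir\\secretfile",
              "docs/..\\..\\secretfile"],
    [{P, naive_relative(P), safe_relative(P)} || P <- Inputs].
```

Calling `safe_path_example:demo()` shows the two backslash inputs accepted by `naive_relative/1` and rejected by `safe_relative/1`, while the forward-slash cases get the same answer from both.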

melkote commented Dec 14, 2012

etrepum commented Dec 15, 2012

Can you send that over as a pull request?

etrepum commented Dec 15, 2012

#93 was merged

etrepum closed this as completed Dec 15, 2012
t3rm1n4l pushed a commit to t3rm1n4l/couchdb that referenced this issue Dec 22, 2013
The vulnerability of accessing arbitrary files via Mochiweb
is logged and fixed as issue #92 on Mochiweb. Port the same
fix to the copy of Mochiweb in our codebase. See issue at
mochi/mochiweb#92

Change-Id: I3977a5296d2413fa7659b5e722c4103190602d0f
Reviewed-on: http://review.couchbase.org/23395
Reviewed-by: Aliaksey Kandratsenka <alkondratenko@gmail.com>
Tested-by: Sriram Melkote <siri@couchbase.com>