The vulnerability of accessing arbitrary files via Mochiweb
is logged and fixed as issue #92 on Mochiweb. Port the same
fix to the copy of Mochiweb in our codebase. See issue at
mochi/mochiweb#92
Change-Id: I3977a5296d2413fa7659b5e722c4103190602d0f
Reviewed-on: http://review.couchbase.org/23395
Reviewed-by: Aliaksey Kandratsenka <alkondratenko@gmail.com>
Tested-by: Sriram Melkote <siri@couchbase.com>
On Windows, it is possible to access arbitrary files by crafting a GET with unescaped backslash characters. For example:
GET /..............\ff\asubdir\secretfile
HTTP/1.1 200 OK
Server: MochiWeb/1.0 (Any of you quaids got a smint?)
Content-Type: text/plain
Content-Length: 14
Hello
World
Origin: http://www.couchbase.com/issues/browse/MB-7390
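
An added example, not taken from the Mochiweb or Couchbase source: it contrasts a relative-path check that only treats "/" as a separator with one that also rejects backslashes, and uses Python's ntpath module to show where Windows would resolve each path. The document root, the sample request paths and all function names are assumptions made for the illustration.

```python
import ntpath  # Windows path rules, importable on any OS

DOCROOT = r"C:\srv\www"  # hypothetical document root (assumption)

# Constructed request paths: leading "/" removed, already URL-decoded.
SAMPLES = ["index.html", "css/site.css", "../boot.ini",
           "..\\..\\secret.txt", "img/..\\..\\..\\secret.txt"]


def naive_is_safe(rel):
    """Flawed model: only "/" separates segments, only ".." climbs."""
    depth = 0
    for seg in rel.split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            depth -= 1
            if depth < 0:
                return False
        else:
            depth += 1  # "..\\..\\x" counts as one ordinary segment here
    return True


def hardened_is_safe(rel):
    """Same walk, but any backslash in the decoded path is refused first."""
    if "\\" in rel:
        return False
    return naive_is_safe(rel)


def resolve_on_windows(rel):
    """Path a Windows file API would open for DOCROOT joined with rel."""
    return ntpath.normpath(ntpath.join(DOCROOT, rel))


def escapes_docroot(rel):
    resolved = resolve_on_windows(rel)
    return not (resolved == DOCROOT or resolved.startswith(DOCROOT + "\\"))


def audit(paths):
    """Rows of (path, naive verdict, hardened verdict, escapes docroot)."""
    return [(p, naive_is_safe(p), hardened_is_safe(p), escapes_docroot(p))
            for p in paths]


if __name__ == "__main__":
    for row in audit(SAMPLES):
        print(row)
```

The rows where the naive verdict is True and the last column is also True are the gap the backslash check closes.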