Le 31/10/2012 05:46, Eric Jacobs a écrit :
There is a race condition vulnerability in httpd 2.2.23 (also present
in previous releases) that allows a malicious user to serve arbitrary
files from nearly anywhere on a server that isn't protected by strict
os level permissions. In a shared hosting environment, this is a big
vulnerability.
If you would like more information on the exploit itself, please let
me know. I have a proof of concept that is able to hit the exploit
with 100% success.
This is my first patch submitted to Apache, so I'm sorry if I've
missed something. I'm aware that this doesn't meet some of the code
standards that are in place (e.g, it doesn't work at all on Windows),
but I wanted to put it out there anyway.
The patch that fixes the vulnerability is attached. Thank you in
advance for the feedback.
Hi,
could you please open a bug report on bugzilla
(https://issues.apache.org/bugzilla/) so that your message and proposed
patch does not get lost in this mailing list.
Thanks in advance.
Best regards,
Christophe JAILLET