[
https://issues.apache.org/jira/browse/KNOX-2588?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel
]
Akshay Kotecha Jain updated KNOX-2588:
--------------------------------------
Description: In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930,
10.0.0.alpha1 thru 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on
Unix-like systems, the system's temporary directory is shared between all users
on that system. A collocated user can observe the process of creating a
temporary subdirectory in the shared temporary directory and race to complete
the creation of the temporary subdirectory. If the attacker wins the race then
they will have read and write permission to the subdirectory used to unpack web
applications, including their WEB-INF/lib jar files and JSP files. If any code
is ever executed out of this temporary directory, this can lead to a local
privilege escalation vulnerability.
> Upgrade to jetty-webapp-11.0.0.beta3
> ------------------------------------
>
> Key: KNOX-2588
> URL: https://issues.apache.org/jira/browse/KNOX-2588
> Project: Apache Knox
> Issue Type: Improvement
> Reporter: Akshay Kotecha Jain
> Priority: Trivial
>
> In Eclipse Jetty versions 1.0 thru 9.4.32.v20200930, 10.0.0.alpha1 thru
> 10.0.0.beta2, and 11.0.0.alpha1 thru 11.0.0.beta2O, on Unix-like systems, the
> system's temporary directory is shared between all users on that system. A
> collocated user can observe the process of creating a temporary subdirectory
> in the shared temporary directory and race to complete the creation of the
> temporary subdirectory. If the attacker wins the race then they will have
> read and write permission to the subdirectory used to unpack web
> applications, including their WEB-INF/lib jar files and JSP files. If any
> code is ever executed out of this temporary directory, this can lead to a
> local privilege escalation vulnerability.
--
This message was sent by Atlassian Jira
(v8.3.4#803005)
