[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

bugzilla Wed, 20 Sep 2017 05:38:15 -0700

https://bz.apache.org/bugzilla/show_bug.cgi?id=61542


Remy Maucherat <r...@apache.org> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
            Summary|none                        |Apache Tomcat Remote Code
                   |                            |Execution via JSP Upload
                   |                            |bypass

--- Comment #2 from Remy Maucherat <r...@apache.org> ---
Hum, actually this looks like a File API issue. With the (correct) /1.jsp/ path
input, (new File(name)).getPath() just strips the trailing '/', and of course
getAbsolutePath, which is used for the safety net check, also does it. There's
a problem there.

Restoring the BZ name since it's pointless.

-- 
You are receiving this mail because:
You are the assignee for the bug.
---------------------------------------------------------------------
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org

[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

Reply via email to