Jeff
This looks like TclHTTPd 2.3.7 to me. Did you try whether the problem is
fixed in 3.1?
--JYL
Jeff McWhirter wrote:
> I came across a possible security hole in tcl-httpd.
>
> If you hit a url that is some suffix added to a valid url the server
> will try to execute the valid file like a CGI script.
>
> For example hitting the url:
> http://localhost:8015/license.terms/foo
> results in:
> Got the error Bad Request
> while trying to obtain /license.terms/foo.
> Don't know how to execute CGI
> d:/ifc/tcl/tmp/tclhttpd2.3.7/htdocs/license.terms
>
> (Of course if this is a tcl or perl or exe file the server will just
> execute it).
>
> From DocDomain in doc.tcl we have the culprit call:
>     if {![DocFallback $path $suffix $sock]} {
>         # Couldn't find anything.
>         # check for cgi script in the middle of the path
>         Cgi_Domain $virtual $directory $sock $suffix
>     }
>
> -Jeff McWhirter
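
A model of the stricter resolution this report points toward, as an added example that is not TclHTTPd code and does not come from either poster: a file found in the middle of a URL path is handed to CGI only when it sits under a designated script directory, and otherwise the request is refused. It is written in Python rather than Tcl; the `cgi-bin` directory name, the functions `resolve` and `demo`, and the sample docroot are assumptions constructed for the illustration.

```python
import os
import tempfile

# Assumption: only these top-level docroot directories may hold CGI scripts.
CGI_DIRS = ("cgi-bin",)

def resolve(docroot, url_path, cgi_dirs=CGI_DIRS):
    """Return (action, file, path_info); action is static, cgi or not_found."""
    parts = [p for p in url_path.split("/") if p]
    if any(p in (".", "..") for p in parts):
        return ("not_found", None, "")
    current = os.path.realpath(docroot)
    for i, part in enumerate(parts):
        candidate = os.path.join(current, part)
        if os.path.isdir(candidate):
            current = candidate          # keep walking down the tree
            continue
        if not os.path.isfile(candidate):
            return ("not_found", None, "")
        rest = parts[i + 1:]             # segments after the matched file
        path_info = "/" + "/".join(rest) if rest else ""
        if i > 0 and parts[0] in cgi_dirs:
            return ("cgi", candidate, path_info)
        if rest:
            # A plain document followed by extra segments is never a script.
            return ("not_found", None, "")
        return ("static", candidate, "")
    return ("not_found", None, "")       # directory listing/index omitted

def demo():
    """Resolve four sample URLs against a constructed docroot."""
    with tempfile.TemporaryDirectory() as root:
        os.mkdir(os.path.join(root, "cgi-bin"))
        for name in ("license.terms", os.path.join("cgi-bin", "env.cgi")):
            with open(os.path.join(root, name), "w") as fh:
                fh.write("constructed sample\n")
        urls = ("/license.terms", "/license.terms/foo",
                "/cgi-bin/env.cgi/foo", "/missing")
        return {u: resolve(root, u)[0::2] for u in urls}

if __name__ == "__main__":
    for url, result in demo().items():
        print(url, result)
```

With this rule `/license.terms/foo` resolves to `not_found` instead of reaching the CGI handler, while trailing path info is still passed to a script under the script directory.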