

Resin Server default install vulnerabilities
18th Jun 2002 [SBWID-5464]

	Resin default install vulnerabilities


	Resin 2.1.2 standalone on Windows 2000 Server


	Peter Gründl [] of KPMG Denmark said :

	 1. Arbitrary File Reading



	In a default installation of Resin server, the examples folder  will  be
	installed as well.

	The sample script view_source.jsp tries to chroot to  the  folder  where
	it is located. If you look at the sourcecode, it says:

	"// Chroot to the current directory so no one can use this as a p
	 // security hold"


	Attempts to use /../ to break  out  of  the  examples  folder  are  also
	foiled by the script. However, if you replace the /../ with  \\..\\  you
	can access any file on the drive that Resin has access to.

	 2. Denial of Service



	By defining large variables when accessing non-existent  resources,  it
	is possible to consume the entire workspace on  the  server.  This  will
	result in hanging parts of or the entire web server.


	Remove the examples folder from your website.

	Upgrade to version 2.1.2 available from:
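The first finding above is a classic separator-confusion bug: a path check that only recognises the forward-slash form of the parent-directory sequence is bypassed by the backslash form, which the operating system still honours. The following Python is an added illustration (not code from the advisory, from KPMG, or from the Resin project) of why a canonicalise-then-compare check is the robust mitigation: both separators are folded to one form, `..` is resolved, and the resulting absolute path is required to lie under the examples directory. The directory `/srv/resin/examples`, the request strings, and the reconstruction of the original script's naive check are all assumptions made for the example.

```python
import os

# Constructed sample directory; the advisory does not name the real install path.
EXAMPLES_DIR = "/srv/resin/examples"


def naive_has_traversal(requested: str) -> bool:
    """Forward-slash-only check, reconstructed from the advisory's description
    of view_source.jsp (assumption: the script matched only '/../')."""
    return "/../" in requested or requested.startswith("../")


def canonical_target(base_dir: str, requested: str) -> str:
    """Resolve the requested file name against base_dir.

    Backslashes are folded to forward slashes first, so '\\..\\' and '/../'
    are treated identically on every platform; the result is then fully
    canonicalised (symlinks and '..' resolved) by os.path.realpath.
    """
    unified = requested.replace("\\", "/").lstrip("/")
    return os.path.realpath(os.path.join(os.path.realpath(base_dir), unified))


def is_within_base(base_dir: str, requested: str) -> bool:
    """True only when the canonical target is base_dir itself or lies below it.

    Comparing canonical absolute paths (prefix plus separator) is the check
    that survives separator tricks, because '..' has already been applied
    before the comparison happens.
    """
    base_real = os.path.realpath(base_dir)
    target = canonical_target(base_dir, requested)
    return target == base_real or target.startswith(base_real + os.sep)


def triage(requests):
    """Return {request: (naive_check_flags_it, canonical_check_allows_it)}
    so the two policies can be compared side by side."""
    return {
        r: (naive_has_traversal(r), is_within_base(EXAMPLES_DIR, r))
        for r in requests
    }


if __name__ == "__main__":
    # Constructed request values covering both separator forms.
    sample = ["view_source.jsp", "/../../etc/passwd", "..\\..\\boot.ini", "sub/../ok.jsp"]
    for req, (naive_flagged, canon_ok) in triage(sample).items():
        print(f"{req!r:24} naive_flags={naive_flagged!s:5} canonical_allows={canon_ok}")
```

Running the block shows the naive check flagging only the forward-slash request while the canonical check rejects both traversal forms and still admits `sub/../ok.jsp`, which resolves to a file inside the examples directory. The same approach applies to the Java side of a JSP: resolve the file against the base directory with `getCanonicalPath()` and compare prefixes, rather than pattern-matching the raw request.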

