Opened 3 years ago

Last modified 9 months ago

#8725 assigned defect

[Patch] Minor path traversal vulnerability

Reported by: tinus
Owned by: rjollos
Priority: normal
Component: DownloadsPlugin
Severity: normal
Keywords:
Cc: rjollos
Trac Release: 0.11

Description

If the 'file' field in the 'download' table can be manipulated, the DownloadsPlugin allows a user to download any file that can be accessed by the Trac user.

Attached is a patch that uses the basename function prior to concatenating the path to foil this attack.

Attachments (1)

downloadsplugin.patch (755 bytes) - added by tinus 3 years ago.
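
The mitigation the description proposes, as an added example that is not the plugin's code or the attached patch: the stored 'file' value is reduced to its final component before it is joined to the storage directory, and the result is checked to stay inside that directory. DOWNLOADS_ROOT, unsafe_path, safe_path and audit are hypothetical names, and the sample values are constructed.

```python
import posixpath  # POSIX path rules, so results are the same on any platform

# Hypothetical storage root; the plugin's real layout is not shown on the ticket.
DOWNLOADS_ROOT = "/var/trac/env/downloads"


def unsafe_path(root, stored_name):
    """'Before' pattern: the value of the 'file' column is joined unchanged."""
    return posixpath.normpath(posixpath.join(root, stored_name))


def safe_path(root, stored_name):
    """Keep only the final path component, then verify containment."""
    # Treat backslashes as separators too, so Windows-style values are covered.
    name = posixpath.basename(stored_name.replace("\\", "/"))
    # basename() returns '', '.' or '..' for some inputs; none names a file.
    if name in ("", ".", "..") or "\x00" in name:
        raise ValueError("invalid file name: %r" % (stored_name,))
    base = posixpath.normpath(root)
    full = posixpath.normpath(posixpath.join(base, name))
    # Defense in depth: the joined path must still sit under the root.
    # (On a real filesystem, compare os.path.realpath() results so that
    # symlinks are resolved as well.)
    if not full.startswith(base + "/"):
        raise ValueError("path escapes %s: %r" % (base, stored_name))
    return full


def audit(values, root=DOWNLOADS_ROOT):
    """Return (value, unsafe result, safe result or 'rejected') per value."""
    report = []
    for value in values:
        try:
            safe = safe_path(root, value)
        except ValueError:
            safe = "rejected"
        report.append((value, unsafe_path(root, value), safe))
    return report


if __name__ == "__main__":
    # Constructed 'file' column values, not taken from the ticket.
    samples = ["release-1.0.tar.gz", "../../../../etc/passwd",
               "/etc/passwd", "..\\..\\secret.ini", "../.."]
    for row in audit(samples):
        print("%-26r unsafe=%-40s safe=%s" % row)
```

basename alone still passes "..", "." and the empty string through unchanged, which is why the example rejects those values explicitly.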

Change History (4)

Changed 3 years ago by tinus

comment:1 Changed 3 years ago by rjollos

  • Summary changed from minor path traversal vulnerability to [Patch] Minor path traversal vulnerability

comment:2 Changed 3 years ago by rjollos

  • Cc rjollos added

comment:3 Changed 9 months ago by rjollos

  • Owner changed from Blackhex to rjollos
  • Status changed from new to assigned
