Opened 5 years ago

Last modified 3 years ago

#8725 assigned defect

[Patch] Minor path traversal vulnerability

Reported by: tinus
Owned by: rjollos
Priority: normal
Component: DownloadsPlugin
Severity: normal
Keywords:
Cc: rjollos
Trac Release: 0.11


If the 'file' field in the 'download' table can be manipulated, the DownloadsPlugin allows a user to download any file that can be accessed by the Trac user.

Attached is a patch that uses the basename function prior to concatenating the path to foil this attack.

Attachments (1)

downloadsplugin.patch (755 bytes) - added by tinus 5 years ago.
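
The basename approach described in the ticket, shown here as an added example; it is not the attached patch or DownloadsPlugin code. The function names, the directory layout and the sample values are assumptions, since the patch content does not appear on this page.

```python
import ntpath
import os


class UnsafeFileName(ValueError):
    """Stored file name cannot be mapped to a file inside the base directory."""


def naive_path(base_dir, stored_name):
    # The 'before' pattern the ticket describes: the database value is joined
    # to the directory unchanged, so '../' segments or an absolute path in the
    # 'file' column resolve outside base_dir.
    return os.path.normpath(os.path.join(base_dir, stored_name))


def safe_path(base_dir, stored_name):
    # Reduce the stored value to its final component before joining.
    # ntpath.basename treats both '/' and '\' as separators, so Windows-style
    # values are reduced too when the server runs on POSIX.
    name = ntpath.basename(stored_name)
    if name in ("", ".", "..") or "\x00" in name:
        raise UnsafeFileName(repr(stored_name))
    base = os.path.realpath(base_dir)
    candidate = os.path.realpath(os.path.join(base, name))
    # Second check: once symlinks are resolved, the result must still sit
    # under base_dir. basename alone does not cover a symlink in that folder.
    if os.path.commonpath([base, candidate]) != base:
        raise UnsafeFileName(repr(stored_name))
    return candidate


if __name__ == "__main__":
    # Constructed sample values standing in for the 'file' column.
    base = "/srv/trac/downloads/1"  # hypothetical per-download directory
    for value in ("report.pdf", "../../../../etc/passwd", "/etc/passwd", ".."):
        print("stored:", repr(value))
        print("  naive ->", naive_path(base, value))
        try:
            print("  safe  ->", safe_path(base, value))
        except UnsafeFileName as exc:
            print("  safe  -> rejected", exc)
```

Logging each rejected value gives an audit trail for tampering with the table, which the ticket names as the precondition.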


Change History (4)

Changed 5 years ago by tinus

comment:1 Changed 5 years ago by rjollos

  • Summary changed from minor path traversal vulnerability to [Patch] Minor path traversal vulnerability

comment:2 Changed 5 years ago by rjollos

  • Cc rjollos added; anonymous removed

comment:3 Changed 3 years ago by rjollos

  • Owner changed from Blackhex to rjollos
  • Status changed from new to assigned
