Bug 26153

Summary: Apache cygwin directory traversal vulnerability
Product: Apache httpd-2
Component: Core
Reporter: Jeremy Bae <swbae>
Assignee: Apache HTTPD Bugs Mailing List <bugs>
CC: szg0000
Status: REOPENED ---
Severity: critical
Priority: P1
Version: 2.0.48
Target Milestone: ---
Hardware: PC
OS: All

Description Jeremy Bae 2004-01-15 04:12:13 UTC
On a Cygwin environment, any file can be retrieved by malicious users.

Apache 1.3.29 and 2.0.48 (source compile version) vulnerability

Comment 1 Paul Querna 2004-08-30 04:50:11 UTC
Can anyone on cygwin verify this issue? This should likely go to security@ if it is a real issue!

Comment 2 Jeremy Bae 2004-08-30 05:17:09 UTC
Bug 26152 (Apache 1.3.29) has been fixed by Stipe Tolj.

Bug 26153 is not yet fixed.

Comment 3 Paul Querna 2004-08-30 05:51:23 UTC
According to the ChangeLog (CAN-2002-0661), this was fixed in the 2.0.40 release.

Comment 4 Jeremy Bae 2004-08-30 06:35:04 UTC
It is similar to CAN-2002-0661, but is a new bug in Apache (2.0.48 and below on

Look at the difference between CAN-2002-0661 and this (%2e).
<CAN-2002-0661 attack signature>

<this bug attack signature>

I've tested this on Apache 2.0.48 (cygwin), and it did work.

I guess the CAN-2002-0661 patch wasn't applied to the Cygwin portion.