#964 Security - Path / File Disclosure

Milestone: 1.0.x
Status: closed-fixed
Labels: General (896)
Priority: 5
Updated: 2011-12-03
Created: 2009-10-15
Private: No

Hello,

Not sure if it has been reported or not. I am conducting a penetration test against a client's server which has JFreeChart embedded in another product.

By requesting an invalid file name (e.g. http://localhost/charts?filename=blah\), the absolute path is disclosed. In my client's instance, the temp folder is within documents & settings, further revealing the user account which is operating the backend and will aid in username/password attacks.

Furthermore, by brute forcing filenames, a valid file (but invalid chart image) will return "Chart image not found", validating the filename, whereas an incorrect guess will simply reveal the path.

It is not a huge issue, but I thought for security's sake, these issues should be addressed - at very least, the path disclosure issue.

Thank you!
-Patrick

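The two properties the report asks for, an error response that never echoes the absolute temp path and a response that does not differ between a malformed name, a missing file and a non-image file, as an added Java example (hypothetical ChartFileLookup class, not JFreeChart's own code or the 1.0.15 fix):

```java
import java.io.File;
import java.io.IOException;
import java.util.regex.Pattern;

// Hypothetical hardened lookup for a "?filename=..." chart handler (added example).
// 1. Failures never carry the absolute temp path back to the client.
// 2. Every failure mode yields the same generic body, so the response cannot be
//    used to confirm whether a guessed filename exists.
public final class ChartFileLookup {

    // Only names the chart generator itself produces: no separators, no "..".
    private static final Pattern SAFE_NAME = Pattern.compile("^[A-Za-z0-9_-]{1,64}\\.png$");
    static final String NOT_FOUND = "Chart image not found";

    private final File tempDir;

    public ChartFileLookup(File tempDir) {
        this.tempDir = tempDir;
    }

    /** Returns the chart file to serve, or null; the caller answers null with NOT_FOUND. */
    public File resolve(String requested) {
        if (requested == null || !SAFE_NAME.matcher(requested).matches()) {
            return null;                 // e.g. "blah\" is rejected without echoing any path
        }
        try {
            File candidate = new File(tempDir, requested).getCanonicalFile();
            // Even a name that passed the pattern must still live directly inside tempDir.
            if (!tempDir.getCanonicalFile().equals(candidate.getParentFile())) {
                return null;
            }
            return candidate.isFile() ? candidate : null;
        } catch (IOException e) {
            return null;                 // log e server-side; never send e.getMessage() out
        }
    }

    public static void main(String[] args) throws IOException {
        File sample = File.createTempFile("chart", ".png");   // constructed sample file
        ChartFileLookup lookup = new ChartFileLookup(sample.getParentFile());
        for (String name : new String[] {"blah\\", "../etc/passwd", "nope.png", sample.getName()}) {
            File f = lookup.resolve(name);
            System.out.println(name + " -> " + (f == null ? NOT_FOUND : "serve image"));
        }
        sample.delete();
    }
}
```

Only the last name prints "serve image"; the first three all print the identical NOT_FOUND text, with no directory information in any of them.
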
Discussion

  • David Gilbert - 2011-12-03
    • assigned_to: nobody --> mungady
    • milestone: --> 1.0.x
    • labels: --> General
    • status: open --> closed-fixed

  • David Gilbert - 2011-12-03

    Thanks for the report. It's slightly embarrassing that it has taken me this long, but it is fixed now in SVN for the upcoming 1.0.15 release.

    Best regards,
    David
