From: SourceForge.net <no...@so...> - 2011-12-03 14:21:01

Bugs item #2879650, was opened at 2009-10-14 22:51
Message generated for change (Comment added) made by mungady
You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=115494&aid=2879650&group_id=15494

Please note that this message will contain a full copy of the comment thread, including the initial issue submission, for this request, not just the latest update.

>Category: General
>Group: 1.0.x
>Status: Closed
>Resolution: Fixed
Priority: 5
Private: No
Submitted By: Patrick Webster (patrickwebster)
>Assigned to: David Gilbert (mungady)
Summary: Security - Path / File Disclosure

Initial Comment:
Hello,

Not sure if it has been reported or not. I am conducting a penetration test against a client's server which has JFreeChart embedded in another product. By requesting an invalid file name (e.g. http://localhost/charts?filename=blah), the absolute path is disclosed. In my client's instance, the temp folder is within Documents & Settings, further revealing the user account which is operating the backend and will aid in username/password attacks.

Furthermore, by brute forcing filenames, a valid file (but invalid chart image) will return "Chart image not found", validating the filename, whereas an incorrect guess will simply reveal the path.

It is not a huge issue, but I thought for security's sake, these issues should be addressed - at very least, the path disclosure issue.

Thank you!

-Patrick

----------------------------------------------------------------------

>Comment By: David Gilbert (mungady)
Date: 2011-12-03 06:20

Message:
Thanks for the report. It's slightly embarrassing that it has taken me this long, but it is fixed now in SVN for the upcoming 1.0.15 release.

Best regards,

David

----------------------------------------------------------------------

You can respond by visiting:
https://sourceforge.net/tracker/?func=detail&atid=115494&aid=2879650&group_id=15494
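The two weaknesses in the report (the error text echoing the absolute path, and the different message for "exists but is not a chart" versus "does not exist", which together work as a file-existence oracle) are easiest to see side by side. The following is an added example written for this page, not JFreeChart's servlet code and not the fix David committed; it is in Python rather than Java purely so the contrast can be run and checked without a servlet container. The names `leaky_lookup`, `hardened_lookup`, `demo`, the `SAFE_NAME` allowlist pattern and the constant `GENERIC_ERROR` are this example's own assumptions, and the temp folder and files it creates are constructed inputs.

```python
import logging
import os
import re
from pathlib import Path
from tempfile import TemporaryDirectory

log = logging.getLogger("chart-server")

# Assumed allowlist for chart file names (the report says nothing about what
# names the real servlet accepted; this pattern is this example's choice).
SAFE_NAME = re.compile(r"[A-Za-z0-9_-]{1,64}\.png")

# One message for every failure, so the response no longer distinguishes cases.
GENERIC_ERROR = "Chart image not found"


def leaky_lookup(temp_dir, filename):
    """Constructed stand-in for the behaviour the report describes (not
    JFreeChart's code): a name that does not exist is answered with the
    absolute path, while a name that exists but is not a chart gets a
    different message, so the two replies act as a file-existence oracle."""
    path = os.path.abspath(os.path.join(temp_dir, filename))
    if not os.path.exists(path):
        return 404, f"File not found: {path}"       # leaks the server path
    if not path.endswith(".png"):
        return 404, GENERIC_ERROR                    # confirms the file exists
    with open(path, "rb") as f:
        return 200, f.read()


def hardened_lookup(temp_dir, filename):
    """Hardened form: the same constant message for a bad name, a missing
    file, a non-chart file or a traversal attempt; the detail goes to the
    server log only and never into the HTTP response."""
    base = Path(temp_dir).resolve()
    if not SAFE_NAME.fullmatch(filename):
        log.warning("rejected chart name %r", filename)
        return 404, GENERIC_ERROR
    path = (base / filename).resolve()
    # Names passing SAFE_NAME cannot contain a separator, but the containment
    # check is cheap and keeps this safe if the pattern is loosened later.
    if path.parent != base or not path.is_file():
        log.warning("chart not available: %s", path)  # path stays server-side
        return 404, GENERIC_ERROR
    return 200, path.read_bytes()


def demo():
    """Run both lookups against a constructed temp folder and return the
    responses so the contrast is visible (and checkable) without a web server."""
    with TemporaryDirectory() as tmp:
        Path(tmp, "ok.png").write_bytes(b"PNG-BYTES")     # a real chart
        Path(tmp, "notes.txt").write_text("not a chart")  # exists, not a chart
        probes = {
            "missing": "blah",                 # the report's example request
            "missingpng": "nothere.png",       # well-formed name, no such file
            "nonchart": "notes.txt",           # exists but is not a chart image
            "traversal": "../../etc/passwd",   # must be rejected outright
            "ok": "ok.png",
        }
        results = {"tmp_dir": tmp}
        for label, name in probes.items():
            results["leaky_" + label] = leaky_lookup(tmp, name)
            results["hard_" + label] = hardened_lookup(tmp, name)
        return results


if __name__ == "__main__":
    for key, value in demo().items():
        print(key, value)
```

Running `demo()` shows `leaky_missing` carrying the temp folder's absolute path in the response body while `leaky_nonchart` answers differently, which is exactly the pair of replies the report says validates a guessed filename; every failing probe against `hardened_lookup` returns the identical `(404, "Chart image not found")`, and the only place the path appears is the server's own log.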