[Commons-l] GIFAR vulnerability and commons

David Gerard dgerard at gmail.com
Mon Aug 11 22:36:15 UTC 2008


2008/8/11 Gregory Maxwell <gmaxwell at gmail.com>:

> What I wasn't able to reproduce is a file which both passed the upload
> validation and which was executed by the Sun JRE... though I didn't
> try hard once I realized that the use of a different domain for
> uploading provided strong protection. It might well be that the upload
> validation needs to be made more aggressive to stop these files, but
> they pose us little to no risk. (Right now about the only risk I can
> see would be having evildomain instruct browsers to DOS attack our
> image servers... which could be done with simple JS on evildomain
> without any exploit at all).


AIUI the upload process checks both the extension and the magic
number, doesn't it? I suppose it's a Simple Matter Of Programming to
check files for validity ...


- d.
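
An added example, not part of the original message and not Commons or MediaWiki code: an extension-plus-magic-number check, as described above, accepts a GIF with a ZIP/JAR archive appended, because a GIF is identified from its first bytes and a ZIP from its end-of-file directory. The function names and sample bytes are constructed for illustration.

```python
import io
import zipfile

GIF_MAGICS = (b"GIF87a", b"GIF89a")

def naive_check(filename, data):
    """Extension plus magic number only, the check described in the message."""
    return filename.lower().endswith(".gif") and data[:6] in GIF_MAGICS

def embedded_zip_members(data):
    """Return the member names if the bytes also parse as a ZIP/JAR, else []."""
    try:
        # zipfile locates the archive from the end of the file, so leading
        # image data does not stop it from opening.
        with zipfile.ZipFile(io.BytesIO(data)) as zf:
            return zf.namelist()
    except zipfile.BadZipFile:
        return []

def strict_check(filename, data):
    """Naive check, plus refusal of any upload that is also a readable archive."""
    return naive_check(filename, data) and not embedded_zip_members(data)

# Constructed sample: a 1x1 GIF (header, colour table, one image, trailer).
PLAIN_GIF = (
    b"GIF89a\x01\x00\x01\x00\x80\x00\x00"
    b"\x00\x00\x00\xff\xff\xff"
    b",\x00\x00\x00\x00\x01\x00\x01\x00\x00"
    b"\x02\x02D\x01\x00;"
)

def make_polyglot():
    """Constructed sample: the GIF above followed by a harmless one-file ZIP."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("placeholder.txt", "constructed test member")
    return PLAIN_GIF + buf.getvalue()

if __name__ == "__main__":
    poly = make_polyglot()
    for name, data in (("plain.gif", PLAIN_GIF), ("polyglot.gif", poly)):
        print(name, "naive:", naive_check(name, data),
              "strict:", strict_check(name, data),
              "members:", embedded_zip_members(data))
```
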


