[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2024-06-28 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

--- Comment #12 from rydan  ---
https://gogoanimex.me GogoAnime

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org



[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2024-06-28 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

--- Comment #12 from rydan  ---
https://animelover1.statuspage.io




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2024-06-27 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

Chuck Caldarale  changed:

               What|Removed                     |Added
----------------------------------------------------------------------------
                URL|https://forum.czaswojny.int |
                   |eria.pl/index.php?page=User |
                   |=30514                      |




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2024-06-27 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

jhon005  changed:

               What|Removed                     |Added
----------------------------------------------------------------------------
                URL|https://animex2.statuspage. |https://forum.czaswojny.int
                   |io                          |eria.pl/index.php?page=User
                   |                            |=30514




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2024-06-27 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

jhon005  changed:

               What|Removed                     |Added
----------------------------------------------------------------------------
                URL|                            |https://animex2.statuspage.
                   |                            |io

--- Comment #13 from jhon005  ---


[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2024-06-27 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

--- Comment #12 from jhon005  ---


[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2024-06-27 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

Chuck Caldarale  changed:

               What|Removed                     |Added
----------------------------------------------------------------------------
                URL|https://forum.czaswojny.int |
                   |eria.pl/index.php?page=User |
                   |=30514                      |




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2024-06-27 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

user1000 <2305g...@navalcadets.com> changed:

               What|Removed                     |Added
----------------------------------------------------------------------------
                URL|                            |https://forum.czaswojny.int
                   |                            |eria.pl/index.php?page=User
                   |                            |=30514




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2024-06-26 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

ryooodan  changed:

               What|Removed                     |Added
----------------------------------------------------------------------------
                 CC|guillermo.gran...@gmail.com |




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2024-06-04 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

--- Comment #14 from ryodan  ---



[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2024-06-04 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

--- Comment #13 from ryodan  ---



[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2024-06-04 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

--- Comment #12 from ryodan  ---
https://bz.apache.org/bugzilla/show_bug.cgi?id=57665




Re: [Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2020-01-17 Thread Mark Thomas
On 17/01/2020 14:25, Christopher Schultz wrote:
> Mark,
> 
> On 1/16/20 8:11 AM, Mark Thomas wrote:
>> On 16/01/2020 12:00, bugzi...@apache.org wrote:
>>> https://bz.apache.org/bugzilla/show_bug.cgi?id=61542
>>>
>>> --- Comment #13 from Sam  ---
> 
>> This idiot has been blocked from BZ for spam and the spam comment
>> deleted.
> 
> The previous comment also appears to be the same kind of spam.

Thanks. That idiot has been blocked too and their spam comments deleted.

Mark




Re: [Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2020-01-17 Thread Christopher Schultz
Mark,

On 1/16/20 8:11 AM, Mark Thomas wrote:
> On 16/01/2020 12:00, bugzi...@apache.org wrote:
>> https://bz.apache.org/bugzilla/show_bug.cgi?id=61542
>> 
>> --- Comment #13 from Sam  ---
> 
> This idiot has been blocked from BZ for spam and the spam comment
> deleted.

The previous comment also appears to be the same kind of spam.

-chris




Re: [Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2020-01-16 Thread Mark Thomas
On 16/01/2020 12:00, bugzi...@apache.org wrote:
> https://bz.apache.org/bugzilla/show_bug.cgi?id=61542
> 
> --- Comment #13 from Sam  ---

This idiot has been blocked from BZ for spam and the spam comment deleted.

Mark




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2020-01-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

--- Comment #13 from Sam  ---
Hello Mark, is this issue fixed? 
Best regards,
Sam.
https://getpeople.io




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2019-10-18 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

--- Comment #14 from Mike Smith  ---
Hello Mark, is this issue fixed already? Or any source? Thanks

Mike S.
http://www.insolvencyhelpline.co.uk/;




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2019-05-29 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

xing  changed:

               What|Removed                     |Added
----------------------------------------------------------------------------
          Component|Catalina                    |Catalina
            Version|9.0.0.M22                   |8.5.15
   Target Milestone|-                           |
            Product|Tomcat 9                    |Tomcat 8




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2018-09-14 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

ann chriss  changed:

               What|Removed                     |Added
----------------------------------------------------------------------------
                 OS|                            |All

--- Comment #13 from ann chriss  ---
thanks




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2018-07-16 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

cailei  changed:

               What|Removed                     |Added
----------------------------------------------------------------------------
          Component|Servlet & JSP API           |Catalina
            Version|7.0.81                      |9.0.0.M22
                 OS|All                         |Windows Server 2012 R2
            Product|Tomcat 7                    |Tomcat 9
   Target Milestone|---                         |-




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2018-06-15 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

--- Comment #12 from Castro B  ---
Hello Mark, is this issue fixed already? Or any source? Thanks

Castro B.
http://buywebtrafficexperts.com/;




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2017-09-22 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

Mark Thomas  changed:

               What|Removed                     |Added
----------------------------------------------------------------------------
             Status|NEW                         |RESOLVED
         Resolution|---                         |FIXED

--- Comment #11 from Mark Thomas  ---
Fixed in:
- trunk for 9.0.0 onwards
- 8.5.x for 8.5.22 onwards
- 8.0.x for 8.0.47 onwards
- 7.0.x for 7.0.82 onwards

I'm on the fence regarding the suggested documentation change. If a sysadmin
doesn't understand what enabling HTTP PUT and/or DELETE means I don't think any
realistic amount of documentation is going to result in a correctly secured
Tomcat instance.

Maybe what we need is a link to the security page from every setting called out
in the security page. Something to ponder / discuss on the dev@ list.




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2017-09-22 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

--- Comment #10 from Peter Stöckli  ---
Created attachment 35361
  --> https://bz.apache.org/bugzilla/attachment.cgi?id=35361=edit
proposal to improve doc of the readonly flag

First of all: your work is greatly appreciated!
And I didn't know that Tomcat is also widely used as WebDAV server. So it makes
sense to keep that option.

Attached is a patch that could help improve the documentation of the readonly
flag.




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2017-09-22 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

--- Comment #9 from Mark Thomas  ---
Indeed. Lots of folks run Tomcat with WebDAV on internal sites. Hard-coding
readonly to true is simply not an option.

Regarding better documentation, patches welcome.




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2017-09-22 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

--- Comment #8 from Remy Maucherat  ---
(In reply to Peter Stöckli from comment #7)
> Isn't the mere existence of the readonly parameter also part of the problem?
> 
> https://tomcat.apache.org/tomcat-7.0-doc/default-servlet.html
> It is currently documented as "Is this context "read only", so HTTP commands
> like PUT and DELETE are rejected? [true]"
> 
> But it holds more "surprises". IMHO this parameter should NEVER be set to
> false. Maybe it can be removed or the documentation of this parameter can be
> improved?

Have you ever heard of WebDAV? Obviously if we were writing Tomcat today, we
would never bother implementing it. Also obviously, nobody running a public
server should enable it, secured or not. But it's not going to be removed
either.




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2017-09-22 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

--- Comment #7 from Peter Stöckli  ---
Isn't the mere existence of the readonly parameter also part of the problem?

https://tomcat.apache.org/tomcat-7.0-doc/default-servlet.html
It is currently documented as "Is this context "read only", so HTTP commands
like PUT and DELETE are rejected? [true]"

But it holds more "surprises". IMHO this parameter should NEVER be set to
false. Maybe it can be removed or the documentation of this parameter can be
improved?

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
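
A defender-side check for the `readonly` setting debated in comments #7 to #11, as an added example that is not part of the original thread or of Tomcat: it lists the servlets in a web.xml whose `readonly` init-param is set to anything other than `true`. The class `ReadonlyAudit`, the sample descriptor and the servlet name `files` are constructed for illustration.

```java
import java.io.ByteArrayInputStream;
import java.nio.charset.StandardCharsets;
import java.nio.file.Files;
import java.nio.file.Paths;
import java.util.ArrayList;
import java.util.List;
import javax.xml.XMLConstants;
import javax.xml.parsers.DocumentBuilderFactory;
import org.w3c.dom.Document;
import org.w3c.dom.Element;
import org.w3c.dom.NodeList;

public class ReadonlyAudit {

    // Constructed sample descriptor (not from the thread): one servlet overrides
    // readonly, the other keeps the documented default of true.
    static final String SAMPLE = String.join("\n",
        "<web-app>",
        "  <servlet>",
        "    <servlet-name>default</servlet-name>",
        "    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>",
        "    <init-param>",
        "      <param-name>readonly</param-name>",
        "      <param-value>false</param-value>",
        "    </init-param>",
        "  </servlet>",
        "  <servlet>",
        "    <servlet-name>files</servlet-name>",
        "    <servlet-class>org.apache.catalina.servlets.DefaultServlet</servlet-class>",
        "  </servlet>",
        "</web-app>");

    // Text of the first descendant element with the given tag, or null if absent.
    static String childText(Element parent, String tag) {
        NodeList nl = parent.getElementsByTagName(tag);
        return nl.getLength() == 0 ? null : nl.item(0).getTextContent().trim();
    }

    /** Servlets that carry an explicit readonly init-param whose value is not "true". */
    static List<String> writableServlets(byte[] webXml) throws Exception {
        DocumentBuilderFactory dbf = DocumentBuilderFactory.newInstance();
        // Harden the parser: the descriptor under audit is untrusted input.
        // A descriptor that carries a DOCTYPE is rejected with an exception.
        dbf.setFeature(XMLConstants.FEATURE_SECURE_PROCESSING, true);
        dbf.setFeature("http://apache.org/xml/features/disallow-doctype-decl", true);
        Document doc = dbf.newDocumentBuilder().parse(new ByteArrayInputStream(webXml));

        List<String> hits = new ArrayList<>();
        NodeList servlets = doc.getElementsByTagName("servlet");
        for (int i = 0; i < servlets.getLength(); i++) {
            Element servlet = (Element) servlets.item(i);
            NodeList params = servlet.getElementsByTagName("init-param");
            for (int j = 0; j < params.getLength(); j++) {
                Element param = (Element) params.item(j);
                if (!"readonly".equals(childText(param, "param-name"))) {
                    continue;
                }
                // Conservative: anything other than an explicit "true" is reported.
                String value = childText(param, "param-value");
                if (!"true".equalsIgnoreCase(value)) {
                    hits.add(childText(servlet, "servlet-name")
                            + " (" + childText(servlet, "servlet-class") + ")"
                            + " readonly=" + value);
                }
            }
        }
        return hits;
    }

    public static void main(String[] args) throws Exception {
        // Without an argument the constructed sample is audited;
        // otherwise pass the path of a web.xml to check.
        byte[] xml = args.length > 0
                ? Files.readAllBytes(Paths.get(args[0]))
                : SAMPLE.getBytes(StandardCharsets.UTF_8);
        List<String> hits = writableServlets(xml);
        for (String hit : hits) {
            System.out.println("writable: " + hit);
        }
        if (hits.isEmpty()) {
            System.out.println("no servlet overrides readonly");
        }
    }
}
```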



[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2017-09-20 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

Guillermo Grandes  changed:

               What|Removed                     |Added
----------------------------------------------------------------------------
                 CC|                            |guillermo.gran...@gmail.com




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2017-09-20 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

--- Comment #6 from Mark Thomas  ---
Nope. That will fail for directories where the trailing '/' is provided since
it will have been removed from the absolute and canonical paths.




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2017-09-20 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

--- Comment #5 from Mark Thomas  ---
Maybe a better check would be that, given the path will already have been
normalised, if the absolute path ends with the given name.




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2017-09-20 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

--- Comment #4 from Remy Maucherat  ---
Well, every time there's surprising normalization, it causes security issues so
it's a big API mistake :) The normalization of the input path should only
happen for getCanonicalPath, that's the whole point.

Of course, I probably knew about this behavior a while ago then since there's
the '/' check for get. On the plus side the issue is not that serious (readonly
needed) so it's not the end of the world.




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2017-09-20 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

--- Comment #3 from Mark Thomas  ---
The File API certainly isn't helping.

When a file named '/test.jsp' exists '/test.jsp/' -> '/test.jsp' is surprising.
Less so when it doesn't exist because it could be referring to a directory and
both forms are valid for a directory.




[Bug 61542] Apache Tomcat Remote Code Execution via JSP Upload bypass

2017-09-20 Thread bugzilla
https://bz.apache.org/bugzilla/show_bug.cgi?id=61542

Remy Maucherat  changed:

               What|Removed                     |Added
----------------------------------------------------------------------------
            Summary|none                        |Apache Tomcat Remote Code
                   |                            |Execution via JSP Upload
                   |                            |bypass

--- Comment #2 from Remy Maucherat  ---
Hum, actually this looks like a File API issue. With the (correct) /1.jsp/ path
input, (new File(name)).getPath() just strips the trailing '/', and of course
getAbsolutePath, which is used for the safety net check, also does it. There's
a problem there.

Restoring the BZ name since it's pointless.

-- 
You are receiving this mail because:
You are the assignee for the bug.
-
To unsubscribe, e-mail: dev-unsubscr...@tomcat.apache.org
For additional commands, e-mail: dev-h...@tomcat.apache.org
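
The `java.io.File` behaviour described in comments #2 and #3 and the check debated in comments #5 and #6, as an added example that is not part of the original thread and is not Tomcat's code. The class `TrailingSlashDemo`, the helpers `endsWithName` and `lookup`, and the temp-directory layout are hypothetical names constructed for illustration.

```java
import java.io.File;
import java.io.IOException;
import java.nio.file.Files;

public class TrailingSlashDemo {

    /**
     * The check floated in comment #5: after File has normalised the path,
     * does the absolute path still end with the name that was requested?
     */
    static boolean endsWithName(File base, String name) {
        String abs = new File(base, name).getAbsolutePath()
                .replace(File.separatorChar, '/');
        return abs.endsWith(name);
    }

    /**
     * Hypothetical stricter lookup (illustration only): a name with a trailing
     * '/' may resolve to a directory but never to a regular file, which avoids
     * the directory problem raised in comment #6.
     */
    static File lookup(File base, String name) {
        File f = new File(base, name);
        if (name.endsWith("/") && f.isFile()) {
            return null; // "/test.jsp/" must not silently become the file "/test.jsp"
        }
        return f;
    }

    public static void main(String[] args) throws IOException {
        // Constructed sandbox: one regular file and one directory in a temp dir.
        File base = Files.createTempDirectory("bz61542-demo").toFile();
        File jsp = new File(base, "test.jsp");
        File dir = new File(base, "dir");
        if (!jsp.createNewFile() || !dir.mkdir()) {
            throw new IOException("could not create sandbox in " + base);
        }

        String[] names = {"/test.jsp", "/test.jsp/", "/dir", "/dir/"};
        System.out.printf("%-12s %-10s %-7s %-13s %s%n",
                "name", "getName()", "isFile", "endsWithName", "lookup");
        for (String name : names) {
            // File drops the trailing separator when the object is constructed,
            // so every later call sees the normalised path.
            File f = new File(base, name);
            System.out.printf("%-12s %-10s %-7s %-13s %s%n",
                    name, f.getName(), f.isFile(),
                    endsWithName(base, name),
                    lookup(base, name) == null ? "rejected" : "ok");
        }

        // Clean up the sandbox.
        jsp.delete();
        dir.delete();
        base.delete();
    }
}
```

In the printed table `/test.jsp/` reports the same regular file as `/test.jsp`, and the ends-with check turns away the legitimate `/dir/` as well, which is the objection in comment #6. The stricter lookup rejects only the trailing-slash name that points at a regular file.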