Category: LINUX
2012-09-26 18:14:30
Vulnerability description:
The specialists of the Positive Research center have detected a "Security restrictions bypass" vulnerability in nginx for Windows.
When matching the requested resource URL against the locations defined in the web server configuration, the system does not take into account that NTFS allows users to address folders with extended attribute syntax. This allows attackers to bypass access restrictions set for static resources.
Exploitation
location ~/directory/ {
    deny all;
}
An attacker can bypass this restriction by requesting the resource as follows:
"/directory:$i30:$INDEX_ALLOCATION/file"
"/directory::$index_allocation/file"
"/directory./file"
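A defensive check for the three request forms listed above, as an added example that is not part of the original advisory: it scans access-log lines for path segments that contain a colon or end in a dot. It generalizes slightly by flagging any colon in a segment, not only the two strings shown; the function names, the combined log format and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import unquote

# Request field of a combined-format access log line: "METHOD target PROTOCOL"
REQUEST_RE = re.compile(r'"(?:[A-Z]+) (\S+) HTTP/[\d.]+"')

def ntfs_alias_reasons(target):
    """Return the reasons a request target looks like an NTFS alternate
    spelling of a folder name (empty list if nothing stands out)."""
    path = unquote(target.split("?", 1)[0])  # drop query, decode %3A / %24 / %2E
    reasons = []
    for segment in path.split("/"):
        if segment in ("", ".", ".."):
            continue  # ordinary empty and dot segments
        if ":" in segment:
            # covers ":$i30:$INDEX_ALLOCATION" and "::$index_allocation"
            reasons.append(f"attribute syntax in {segment!r}")
        elif segment.endswith("."):
            # covers "/directory./file"
            reasons.append(f"trailing dot in {segment!r}")
    return reasons

def scan(log_lines):
    """Return (target, reasons) for every log line with a suspicious path."""
    hits = []
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if match:
            reasons = ntfs_alias_reasons(match.group(1))
            if reasons:
                hits.append((match.group(1), reasons))
    return hits

# Constructed sample log lines (documentation address ranges, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [26/Sep/2012:18:00:01 +0000] "GET /directory/file HTTP/1.1" 403 169',
    '192.0.2.10 - - [26/Sep/2012:18:00:02 +0000] "GET /directory:$i30:$INDEX_ALLOCATION/file HTTP/1.1" 200 512',
    '192.0.2.10 - - [26/Sep/2012:18:00:03 +0000] "GET /directory%3A%3A%24index_allocation/file HTTP/1.1" 200 512',
    '192.0.2.10 - - [26/Sep/2012:18:00:04 +0000] "GET /directory./file HTTP/1.1" 200 512',
    '203.0.113.5 - - [26/Sep/2012:18:00:05 +0000] "GET /index.html?t=12:30 HTTP/1.1" 200 1024',
]

if __name__ == "__main__":
    for target, reasons in scan(SAMPLE_LOG):
        print(target, "->", "; ".join(reasons))
```

A 200 response for a flagged target whose plain form returns 403 is the pattern worth alerting on.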