Security issues #5

@paj28

The web server has a couple of security issues:

  1. Directory traversal - If you make a request like GET /../secret.txt then you can access files outside of the document root. You can't exploit this in most web browsers because they normalize the path, but if you use a tool like Burp you can.

  2. Cross-site scripting - If there's a file named <i>foo.txt or similar (possible on Linux, not Windows) then the tags appear in directory listings. Probably not exploitable in any likely scenario, but would be worth fixing.

I did look for some contact info to submit this privately but couldn't find any.
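
A defensive sketch of the two fixes the report calls for, added here as an illustration and not taken from the project's code. It is written in Python as an assumption, since the issue does not show the server's source; `resolve_request_path`, `render_listing` and the temporary directory layout are hypothetical names and constructed sample data.

```python
import html
import tempfile
from pathlib import Path
from urllib.parse import quote, unquote


def resolve_request_path(doc_root, url_path):
    """Map a request path to a file under doc_root, or return None if it escapes."""
    root = Path(doc_root).resolve()
    # Decode percent-escapes first so %2e%2e is treated the same as ".."
    relative = unquote(url_path.split("?", 1)[0]).lstrip("/")
    # resolve() collapses ".." segments and follows symlinks
    candidate = (root / relative).resolve()
    # Serve only the root itself or something strictly beneath it
    if candidate != root and root not in candidate.parents:
        return None
    return candidate


def render_listing(names):
    """Build directory-listing HTML with every file name escaped."""
    items = []
    for name in sorted(names):
        href = quote(name)        # percent-encode the name for the URL
        text = html.escape(name)  # neutralise < > & and quotes for HTML
        items.append(f'<li><a href="{href}">{text}</a></li>')
    return "<ul>\n" + "\n".join(items) + "\n</ul>"


def demo():
    # Constructed sample layout: secret.txt sits beside the document root, not in it
    with tempfile.TemporaryDirectory() as tmp:
        root = Path(tmp) / "www"
        root.mkdir()
        (root / "index.html").write_text("hello")
        (Path(tmp) / "secret.txt").write_text("secret")
        results = {
            "normal": resolve_request_path(root, "/index.html") is not None,
            "traversal": resolve_request_path(root, "/../secret.txt"),
            "encoded": resolve_request_path(root, "/%2e%2e/secret.txt"),
        }
    results["listing"] = render_listing(["<i>foo.txt"])
    return results


if __name__ == "__main__":
    print(demo())
```

The containment check runs on the resolved path, after decoding, so it does not depend on the client having normalized the request.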
