Bug 1035062 (CVE-2013-6397) - CVE-2013-6397 Apache Solr: directory traversal when loading XSL stylesheets and Velocity templates
Summary: CVE-2013-6397 Apache Solr: directory traversal when loading XSL stylesheets a...
Keywords:
Status: CLOSED ERRATA
Alias: CVE-2013-6397
Product: Security Response
Classification: Other
Component: vulnerability
Version: unspecified
Hardware: All
OS: Linux
high
high
Target Milestone: ---
Assignee: Red Hat Product Security
QA Contact:
URL:
Whiteboard:
Depends On: 1035988 1035989 1038297 1043748
Blocks: 991853 1035063
TreeView+ depends on / blocked
 
Reported: 2013-11-27 01:08 UTC by David Jorm
Modified: 2019-09-29 13:10 UTC (History)
7 users (show)

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2014-01-15 18:24:04 UTC


Attachments (Terms of Use)


Links
System ID Priority Status Summary Last Updated
Red Hat Product Errata RHSA-2013:1844 normal SHIPPED_LIVE Important: Red Hat JBoss Web Framework Kit 2.4.0 update 2013-12-16 23:21:40 UTC
Red Hat Product Errata RHSA-2014:0029 normal SHIPPED_LIVE Important: Red Hat JBoss Data Grid 6.2.0 update 2014-01-15 22:45:50 UTC

Description David Jorm 2013-11-27 01:08:12 UTC
It was found that the SolrResourceLoader class in Apache Solr allowed loading of resources via absolute paths, or relative paths which were not sanitized for directory traversal. Some Solr components expose REST interfaces which load resources (XSL stylesheets and Velocity templates) via SolrResourceLoader, using paths identified by REST parameters. A remote attacker could use this flaw to load arbitrary local files on the server via SolrResourceLoader, potentially resulting in information disclosure or remote code execution.

Comment 10 errata-xmlrpc 2013-12-16 18:23:16 UTC
This issue has been addressed in following products:

  Red Hat JBoss Web Framework Kit 2.4.0

Via RHSA-2013:1844 https://rhn.redhat.com/errata/RHSA-2013-1844.html

Comment 11 errata-xmlrpc 2014-01-15 17:46:48 UTC
This issue has been addressed in following products:

  Red Hat JBoss Data Grid 6.2.0

Via RHSA-2014:0029 https://rhn.redhat.com/errata/RHSA-2014-0029.html


Note You need to log in before you can comment on or make changes to this bug.