Westpoint Security Advisory

Title:        Jetty CGIServlet Arbitrary Command Execution
Risk Rating:  Medium
Software:     Jetty Servlet Container
Platforms:    Win32 (other platforms not tested)
Vendor URL:   www.mortbay.org
Author:       Matt Moore <matt@westpoint.ltd.uk>
Date:         1st October 2002
Advisory ID#: wp-02-0011.txt

Jetty is a 100% Java HTTP Server and Servlet Container. A flaw
in the CGIServlet allows an attacker to execute arbitrary commands
on the server.


Commands can be executed on the server by making requests like:


Patch / Workaround Information:

The vendor responded quickly and has released a fixed version, 4.1.0,
which can be downloaded from http://jetty.mortbay.org

Excerpt from Vendor announcement at:


'4.1.0 also contains a priority security fix for the CGI servlet
running on Windows platforms. This remotely exploitable problem
affects all previous versions of Jetty that use the CGI servlet
on Windows without a permissions file configured for the context.
The CGI servlet from 4.1.0 may be used in 4.0 releases.'

This advisory is available online at:

