Project

General

Profile

Actions
Copy link

Defect #31968

open

MIME Content Type is not properly handled while attaching the files

Added by Amit Mehendale over 6 years ago. Updated over 6 years ago.

Status:
Resolved
Priority:
Normal
Assignee:
-
Category:
Attachments
Target version:
-
Start date:
Due date:
% Done:

0%

Estimated time:
Resolution:
Affected version:
4.0.4

Description

Recently upgraded to 4.0.4. While doing the Information security testing, Team raised a vulnerability
"The application does not validate the content type of file being uploaded. This would enable an adversary to upload a malicious file onto the server."

If I change the extension of a file from .com to .pdf, Redmine allows file upload in issues as attachment and stores contenttype as "*application/pdf*" in table.

Due to this issue we are unable to roll out new version.

Urgent help required.
Thanks

Files

Download all files
WinSCP.pdf (286 KB) WinSCP.pdf This is a executable file and should not be allowed to upload Amit Mehendale, 2019-08-28 08:12
attachment.rb (16 KB) attachment.rb Amit Mehendale, 2019-08-28 14:41

Related issues

Related to Redmine - Feature #43473: Reject file uploads when actual MIME type does not match the file extensionNew

Actions
Actions
Copy link

Also available in: Atom PDF