Web Application Security
File Upload with changed extension Dec 02 2014 06:44PM
Jyotiranjan Acharya (jyotiranjan121 gmail com) (2 replies)
If you are able to upload a file with a changed extension, then will
that be a problem?
For example, you can not ,in any way, upload a .exe or .php/.jsp/.asp
file directly into a web App, but you can by changing their extension
to .JPG. What is the risk in such a case?

This list is sponsored by Cenzic
--------------------------------------
Let Us Hack You. Before Hackers Do!
It's Finally Here - The Cenzic Website HealthCheck. FREE.
Request Yours Now!
http://www.cenzic.com/2009HClaunch_Securityfocus
--------------------------------------

[ reply ]
Re: File Upload with changed extension Dec 04 2014 01:25AM
Michal Zalewski (lcamtuf coredump cx) (1 replies)
Re: File Upload with changed extension Dec 04 2014 12:26PM
Robin Wood (robin digi ninja)
Re: File Upload with changed extension Dec 03 2014 01:42AM
Guillermo Caminer (flaco webappsec gmail com) (1 replies)
Re: File Upload with changed extension Dec 03 2014 09:44AM
Tobias Wassermann (mail tobias-wassermann de) (1 replies)
Re: File Upload with changed extension Dec 03 2014 03:29PM
Seth Art (sethsec gmail com) (1 replies)
Re: File Upload with changed extension Dec 04 2014 12:21AM
Paul Burbage (paul k burbage gmail com)


 

Privacy Statement
Copyright 2010, SecurityFocus