[prev in list] [next in list] [prev in thread] [next in thread] 

List:       sandesha-dev
Subject:    =?utf-8?Q?[jira]_[Closed]_(AXIS2-5905?= =?utf-8?Q?)_Apache_Axis2?= =?utf-8?Q?_'xsd'=E5=8F=82?=
From:       "robert lazarski (JIRA)" <jira () apache ! org>
Date:       2018-01-23 13:47:00
Message-ID: JIRA.13132960.1516693960000.16530.1516715220123 () Atlassian ! JIRA
[Download RAW message or body]


     [ https://issues.apache.org/jira/browse/AXIS2-5905?page=com.atlassian.jira.plugin.system.issuetabpanels:all-tabpanel \
]

robert lazarski closed AXIS2-5905.
----------------------------------
    Resolution: Not A Problem

Best I can tell from google translate from Chinese to English, the purpose of this \
issue is "Parameter directory traversal vulnerability" .

However the attachment lists Axis2 version 1.4.1, the latest version is 1.7.7. Your \
version is long unsupported.

Anyways, this vulnerability was fixed back in 2009, see AXIS2-4279 . I just tried the \
enclosed URL and it did not work as described. Closing the issue.

> Apache Axis2 'xsd'参数目录遍历漏洞
> --------------------------
> 
> Key: AXIS2-5905
> URL: https://issues.apache.org/jira/browse/AXIS2-5905
> Project: Axis2
> Issue Type: Bug
> Reporter: 秦振
> Priority: Major
> Attachments: 漏洞.txt
> 
> 




--
This message was sent by Atlassian JIRA
(v7.6.3#76005)

---------------------------------------------------------------------
To unsubscribe, e-mail: java-dev-unsubscribe@axis.apache.org
For additional commands, e-mail: java-dev-help@axis.apache.org


[prev in list] [next in list] [prev in thread] [next in thread]