download script (PHP/ASP) source code in certain conditions

RESOLVED INCOMPLETE

Status

()

Firefox
General
RESOLVED INCOMPLETE
11 years ago
8 years ago

People

(Reporter: Ehrys Marakai, Unassigned)

Tracking

2.0 Branch
x86
Windows Vista
Points:
---

Firefox Tracking Flags

(Not tracked)

Details

(Reporter)

Description

11 years ago
User-Agent:       Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3
Build Identifier: Mozilla/5.0 (Windows; U; Windows NT 6.0; en-GB; rv:1.8.1.3) Gecko/20070309 Firefox/2.0.0.3

I found that if the cache was corrupted whilst loading a script and firefox shut down, whenever trying to access any page under that domain would allow you to download the source code of the script file used to generate the page.

The problem is fixed by deleting the cache files, however, this could allow someone to maliciously gain control of a website by allowing them to download sensitive information (such as database username and password).

Reproducible: Sometimes

Steps to Reproduce:
1. Begin loading a website from a script (in my case PHP)
2. Instantly shut down the machine whilst it is loading, power off. (Or manually corrupt the cache yourself)
3. Reload the script under the browser without restoring the session
Actual Results:  
Allows the download of script files direct from the webserver as firefox now seems unable to recognise "application/x-httpd" files from the webserver.

Expected Results:  
Firefox should not allow me access to the source code. The page should have displayed properly.

OS: Windows Vista Business Edition
Theme: Aeroglass
(Reporter)

Updated

11 years ago
Summary: download script (PHP/ASP) source code if cache corrupt → download script (PHP/ASP) source code in certain conditions
For Firefox to get access to the site's source code, the server has to be sending it, and if the server is sending code instead of executing it, then that's a server-side problem, not a local Firefox problem. Firefox - corrupt cache or not - can't see things that the server doesn't send it, so this isn't a Firefox security issue.

Can you provide an example link of a site that behaves differently after the cache is "corrupted"?
Group: security

Updated

11 years ago
Severity: critical → normal
Version: unspecified → 2.0 Branch
(Reporter)

Comment 2

11 years ago
An example is http://www.dogsofwarclan.co.uk

Heading there after the "corruption" allowed me to download the source code of the files. But only for that domain. Attempts to access it from the fully qualified domain (http://www.zyned.com/dow/) were successful in retreaving HTML, however, the site layout was incorrect and did not display properly.

Other people accessing the site at the same time did so without trouble. I was also careful to check the server configuration and performed multiple attempts at accessing the source code over different files, including ones not in the cache.

Comment 3

11 years ago
that was probably a server overflow problem. 
do you see that problem on other sites?
This bug was reported on Firefox 2.x or older, which is no longer supported and will not be receiving any more updates. I strongly suggest that you update to Firefox 3.6.3 or later, update your plugins (flash, adobe, etc.), and retest in a new profile. If you still see the issue with the updated Firefox, please post here. Otherwise, please close as RESOLVED > WORKSFORME
http://www.mozilla.com
http://support.mozilla.com/kb/Managing+profiles
http://support.mozilla.com/kb/Safe+mode
No reply, INCOMPLETE. Please retest with Firefox 3.6.x or later and a new profile (http://support.mozilla.com/kb/Managing+profiles). If you continue to see this issue with the newest firefox and a new profile, then please comment on this bug.
Status: UNCONFIRMED → RESOLVED
Last Resolved: 8 years ago
Resolution: --- → INCOMPLETE
You need to log in before you can comment on or make changes to this bug.