Gossamer Threads DBMan information disclosure vulnerability

Published: 2000-09-11
Updated: 2000-09-11
Severity: medium
Threat: server information disclosure
Error type: design error
Exploit mode: server-side

Affected systems

Software on the following platforms is affected:

Detailed description

Requesting a non-existent database file from the Gossamer Threads DBMan script on a web server returns a CGI error page that includes the script's environment variables. The values shown include the local root path, the server administrator's account name, the web server software, the platform, and similar details.

Test code

http://target/scripts/dbman/db.cgi?db=invalid-db

Solution

Check that $db_debug is turned off in the configuration file, and replace cgierr in db.cgi with the following version, which prints form and environment details only when debugging is enabled:

    sub cgierr {
    # --------------------------------------------------------
    # Displays any errors and prints out FORM and ENVIRONMENT
    # information. Useful for debugging.

        if (!$html_headers_printed) {
            print "Content-type: text/html\n\n";
            $html_headers_printed = 1;
        }
        print "DBMan encountered an internal error. ";

        if ($db_debug) {
            print " \n\nCGI ERROR\n==========================================\n";
            $_[0]      and print "Error Message   : $_[0]\n";
            $0         and print "Script Location : $0\n";
            $]         and print "Perl Version    : $]\n";
            $db_setup  and print "Setup File      : $db_setup.cfg\n";
            $db_userid and print "User ID         : $db_userid\n";
            $db_uid    and print "Session ID      : $db_uid\n";

            print "\nForm Variables\n-------------------------------------------\n";
            foreach $key (sort keys %in) {
                my $space = " " x (20 - length($key));
                print "$key$space: $in{$key}\n";
            }

            print "\nEnvironment Variables\n-------------------------------------------\n";
            foreach $env (sort keys %ENV) {
                my $space = " " x (20 - length($env));
                print "$env$space: $ENV{$env}\n";
            }
            print "\n ";
        }
        else {
            print "Please enable debugging to view.";
        }
        exit -1;
    }

Related information
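The fix above comes down to one rule: diagnostic output that reveals paths, accounts and server details must be gated behind a debug flag that is off in production. The following Python script is an added example, not DBMan's code, that implements the same gated error handler for a CGI-style program and adds a small regression check confirming that no environment value reaches the response when debugging is off. The form and environment dictionaries, the script path and the server values are constructed sample data.

```python
"""Added example (not DBMan's own code): a CGI-style error handler that
emits form and environment variables only when a debug flag is on,
mirroring the gated cgierr() fix described in the advisory."""

# Constructed sample data standing in for the Perl script's %in and %ENV.
SAMPLE_FORM = {"db": "invalid-db", "uid": "default"}
SAMPLE_ENV = {
    "SCRIPT_FILENAME": "/var/www/cgi-bin/dbman/db.cgi",   # constructed path
    "SERVER_ADMIN": "webmaster@example.invalid",          # constructed value
    "SERVER_SOFTWARE": "ExampleHTTPd/1.0",                # constructed value
    "HTTP_USER_AGENT": "example-client/1.0",              # constructed value
}


def render_error(message, form, env, debug=False, script="db.cgi"):
    """Build the error response body.

    Detailed diagnostics (error text, script location, form fields and
    environment variables) are included only when debug is true; the
    default path returns a generic message with nothing server-specific.
    """
    lines = ["Content-type: text/plain", "", "DBMan encountered an internal error."]
    if not debug:
        lines.append("Please enable debugging to view details.")
        return "\n".join(lines) + "\n"

    lines += ["", "CGI ERROR", "=" * 42,
              f"Error Message   : {message}",
              f"Script Location : {script}"]
    # Same 20-column layout the Perl version produces with " " x (20 - length).
    lines += ["", "Form Variables", "-" * 43]
    lines += [f"{k:<20}: {v}" for k, v in sorted(form.items())]
    lines += ["", "Environment Variables", "-" * 43]
    lines += [f"{k:<20}: {v}" for k, v in sorted(env.items())]
    return "\n".join(lines) + "\n"


def leaks_environment(body, env):
    """Return the environment keys whose values appear verbatim in a response
    body. Run against the non-debug output as a regression check that the
    production error page stays free of server details."""
    return sorted(k for k, v in env.items() if v and v in body)


if __name__ == "__main__":
    msg = "Unable to open database: invalid-db.db"
    safe = render_error(msg, SAMPLE_FORM, SAMPLE_ENV)
    print(safe)
    print("leaked keys (debug off):", leaks_environment(safe, SAMPLE_ENV))
    verbose = render_error(msg, SAMPLE_FORM, SAMPLE_ENV, debug=True)
    print("leaked keys (debug on): ", leaks_environment(verbose, SAMPLE_ENV))
```

With the flag off, leaks_environment reports an empty list; with it on, every key in the sample environment is reported, which is exactly why the flag must default to off on a live server.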