Apache Server Side Include Cross-Site Scripting Vulnerability

Published: 2002-10-09
Updated: 2002-10-09
Severity: Medium
Threat: Disclosure of sensitive user information
Error type: Input validation error
Exploitation: Client-side
BUGTRAQ ID: 5847
CVE(CAN) ID: CAN-2002-0840

Affected systems:
Apache Software Foundation Apache 1.3
- Microsoft Windows 2000 Workstation
- Microsoft Windows NT 4.0
Apache Software Foundation Apache 1.3.1
Apache Software Foundation Apache 1.3.3
+ RedHat Linux 5.2 alpha
+ RedHat Linux 5.2 i386
+ RedHat Linux 5.2 sparc
Apache Software Foundation Apache 1.3.4
+ BSDI BSD/OS 4.0
Apache Software Foundation Apache 1.3.6
+ Sun Cobalt ManageRaQ3 3000R-mr
+ Sun Cobalt RaQ3 3000R
+ Sun Cobalt Velociraptor
Apache Software Foundation Apache 1.3.9
+ Debian Linux 2.2
+ Debian Linux 2.2 68k
+ Debian Linux 2.2 alpha
+ Debian Linux 2.2 arm
+ Debian Linux 2.2 powerpc
+ Debian Linux 2.2 sparc
+ Netscreen NetScreen-Global PRO Express Policy Manager Server
+ Netscreen NetScreen-Global PRO Policy Manager Server
- Sun Solaris 8.0
- Sun Solaris 8.0 _x86
Apache Software Foundation Apache 1.3.11
Apache Software Foundation Apache 1.3.12
+ Netscreen NetScreen-Global PRO Express Policy Manager Server
+ Netscreen NetScreen-Global PRO Policy Manager Server
+ OpenBSD OpenBSD 2.8
+ RedHat Linux 6.2 alpha
+ RedHat Linux 6.2 i386
+ RedHat Linux 6.2 sparc
+ RedHat Linux 7.0 alpha
+ RedHat Linux 7.0 i386
+ S.u.S.E. Linux 7.0
+ S.u.S.E. Linux 7.0 sparc
+ Sun Cobalt ManageRaQ v2 3599BD
+ Sun Cobalt Qube3 4000WG
+ Sun Cobalt RaQ XTR 3500R
+ Sun Cobalt RaQ4 3001R
Apache Software Foundation Apache 1.3.14
+ EnGarde Secure Linux 1.0.1
+ MandrakeSoft Linux Mandrake 7.1
+ MandrakeSoft Linux Mandrake 7.2
- MandrakeSoft Single Network Firewall 7.2
Apache Software Foundation Apache 1.3.17
+ MandrakeSoft Corporate Server 1.0.1
+ MandrakeSoft Linux Mandrake 8.0
+ MandrakeSoft Linux Mandrake 8.0 ppc
+ OpenBSD OpenBSD 2.8
+ S.u.S.E. Linux 7.1
Apache Software Foundation Apache 1.3.18
Apache Software Foundation Apache 1.3.19
- Apple MacOS X 10.0.3
- Caldera eDesktop 2.4
- Caldera eServer 2.3.1
- Caldera OpenLinux 2.4
+ Debian Linux 2.3
- Digital (Compaq) TRU64/DIGITAL UNIX 4.0 f
- Digital (Compaq) TRU64/DIGITAL UNIX 4.0 g
- Digital (Compaq) TRU64/DIGITAL UNIX 5.0
+ EnGarde Secure Linux 1.0.1
- FreeBSD FreeBSD 3.5.1
- FreeBSD FreeBSD 4.2
- HP HP-UX 10.20
- HP HP-UX 11.0
- HP HP-UX 11.0 4
- HP HP-UX 11.11
+ HP Secure OS software for Linux 1.0
- HP VirtualVault 4.5
- MandrakeSoft Linux Mandrake 7.1
- MandrakeSoft Linux Mandrake 7.2
- MandrakeSoft Linux Mandrake 8.0
+ MandrakeSoft Linux Mandrake 8.1
- NetBSD NetBSD 1.5
- NetBSD NetBSD 1.5.1
- OpenBSD OpenBSD 2.8
+ OpenBSD OpenBSD 2.9
+ OpenBSD OpenBSD 3.0
- RedHat Linux 6.2
- RedHat Linux 7.0
- RedHat Linux 7.1
+ S.u.S.E. Linux 6.4
+ S.u.S.E. Linux 6.4 alpha
+ S.u.S.E. Linux 6.4 i386
+ S.u.S.E. Linux 6.4 ppc
+ S.u.S.E. Linux 7.0
+ S.u.S.E. Linux 7.0 alpha
+ S.u.S.E. Linux 7.0 i386
+ S.u.S.E. Linux 7.0 ppc
+ S.u.S.E. Linux 7.0 sparc
+ S.u.S.E. Linux 7.1
+ S.u.S.E. Linux 7.1 alpha
+ S.u.S.E. Linux 7.1 ppc
+ S.u.S.E. Linux 7.1 sparc
+ S.u.S.E. Linux 7.1 x86
+ S.u.S.E. Linux 7.2
+ S.u.S.E. Linux 7.2 i386
- SGI IRIX 6.5.8
- SGI IRIX 6.5.9
- Sun Solaris 7.0
- Sun Solaris 8.0
Apache Software Foundation Apache 1.3.20
- HP HP-UX 11.20
- HP HP-UX 11.22
+ MandrakeSoft Single Network Firewall 7.2
+ S.u.S.E. Linux 7.3
+ S.u.S.E. Linux 7.3 i386
+ S.u.S.E. Linux 7.3 ppc
+ S.u.S.E. Linux 7.3 sparc
+ SGI IRIX 6.5.12
+ SGI IRIX 6.5.12 f
+ SGI IRIX 6.5.12 m
+ SGI IRIX 6.5.13
+ SGI IRIX 6.5.13 f
+ SGI IRIX 6.5.13 m
+ SGI IRIX 6.5.14
+ SGI IRIX 6.5.14 f
+ SGI IRIX 6.5.14 m
+ SGI IRIX 6.5.15
+ SGI IRIX 6.5.16
+ Slackware Linux 8.0
+ Sun Cobalt Control Station 4100CS
Apache Software Foundation Apache 1.3.22
+ Caldera OpenLinux Server 3.1
+ Caldera OpenLinux Server 3.1.1
+ Caldera OpenLinux Workstation 3.1
+ Caldera OpenLinux Workstation 3.1.1
+ Conectiva Linux 6.0
+ Conectiva Linux 7.0
+ Conectiva Linux 8.0
+ MandrakeSoft Corporate Server 1.0.1
+ MandrakeSoft Linux Mandrake 7.2
+ MandrakeSoft Linux Mandrake 8.0
+ MandrakeSoft Linux Mandrake 8.0 ppc
+ MandrakeSoft Linux Mandrake 8.1
+ MandrakeSoft Linux Mandrake 8.1 ia64
+ OpenPKG OpenPKG 1.0
+ RedHat Linux 6.2 alpha
+ RedHat Linux 6.2 i386
+ RedHat Linux 6.2 sparc
+ RedHat Linux 7.0 alpha
+ RedHat Linux 7.0 i386
+ RedHat Linux 7.1 alpha
+ RedHat Linux 7.1 i386
+ RedHat Linux 7.1 ia64
+ RedHat Linux 7.2 i386
+ RedHat Linux 7.2 ia64
+ Sun Solaris 8.0
+ Sun Solaris 8.0 _x86
+ Sun Solaris 9.0
Apache Software Foundation Apache 1.3.23
- IBM AIX 4.3
+ MandrakeSoft Linux Mandrake 8.2
+ RedHat Linux 7.3
+ RedHat Linux 7.3 i386
+ S.u.S.E. Linux 8.0
+ S.u.S.E. Linux 8.0 i386
+ Trustix Secure Linux 1.1
+ Trustix Secure Linux 1.2
+ Trustix Secure Linux 1.5
Apache Software Foundation Apache 1.3.24
+ OpenBSD OpenBSD 3.1
+ Oracle Oracle 9i Application Server 1.0.2
+ Oracle Oracle 9i Application Server 1.0.2 .1s
+ Oracle Oracle 9i Application Server 1.0.2 .2
+ Oracle Oracle 9i Application Server 9.0.2
+ Oracle Oracle HTTP Server 9.0.1
+ Oracle Oracle HTTP Server 9.2 .0
+ Slackware Linux 8.1
+ Unisphere Networks SDX-300 2.0.3
Apache Software Foundation Apache 1.3.25
Apache Software Foundation Apache 1.3.26
+ Conectiva Linux 6.0
+ Conectiva Linux 7.0
+ Conectiva Linux 8.0
+ OpenPKG OpenPKG 1.1
+ Trustix Secure Linux 1.1
+ Trustix Secure Linux 1.2
+ Trustix Secure Linux 1.5
Apache Software Foundation Apache 2.0
Apache Software Foundation Apache 2.0.28
Apache Software Foundation Apache 2.0.32
Apache Software Foundation Apache 2.0.35
Apache Software Foundation Apache 2.0.36
Apache Software Foundation Apache 2.0.37
Apache Software Foundation Apache 2.0.38
Apache Software Foundation Apache 2.0.39
Apache Software Foundation Apache 2.0.40
Apache Software Foundation Apache 2.0.41
Apache Software Foundation Apache 2.0.42
Oracle Oracle 8i Enterprise Edition 8.1.7 .1.0
Oracle Oracle 8i Enterprise Edition 8.1.7 .0.0
Oracle Oracle 9i Application Server 1.0.2 .2
Oracle Oracle 9i Application Server 1.0.2 .1s
Oracle Oracle 9i Application Server 1.0.2
Oracle Oracle 9i Application Server 9.0.2 release 2
Oracle Oracle 9i Application Server 9.0.2
Oracle Oracle 9iAS Reports 9.0.2 .1
Oracle Oracle8 8.1.7
- Microsoft Windows 2000 Workstation
Oracle Oracle8i 8.1.7 .1
Oracle Oracle8i 8.1.7
Oracle Oracle9iAS Reports 9.0.2

Description:
Apache's SSI error pages do not properly filter HTML code, which allows an attacker to carry out cross-site scripting attacks such as web session hijacking and cookie theft.
Specifically, the SSI error page filters the HTTP/1.1 "Host" header insufficiently: Apache passes the header value, including any HTML tags it contains, straight through to the target user's browser as part of the page.

Test code:
http://%3CIMG%20SRC%3D%22%22%20ONERROR%3D%22alert%28document%2Ecookie%29%22%3E.apachesite.org/raise_404
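As an added illustration, not part of this advisory or of the Apache code base, the following Python model contrasts an error page built from the Host header verbatim with a hardened version that validates the header against hostname syntax (falling back to the configured ServerName, which is what Apache's UseCanonicalName On setting achieves) and HTML-escapes whatever is emitted (which is what the fixed releases do). The sample Host value is the one from the test URL above, percent-decoded; the page templates and the ServerName www.example.com are simplified assumptions.

```python
import html
import re

# Constructed sample: the Host value from the advisory's test URL, percent-decoded.
MALICIOUS_HOST = '<IMG SRC="" ONERROR="alert(document.cookie)">.apachesite.org'
CANONICAL_NAME = "www.example.com"  # assumed ServerName of the virtual host

# Hostname syntax (RFC 1123 labels, optional trailing ".", optional ":port").
_HOST_RE = re.compile(
    r"^(?=.{1,253}$)"                        # overall length limit
    r"(?!-)[A-Za-z0-9-]{1,63}(?<!-)"         # first label
    r"(?:\.(?!-)[A-Za-z0-9-]{1,63}(?<!-))*"  # further labels
    r"\.?(?::\d{1,5})?$"
)

def host_is_valid(host: str) -> bool:
    """True when the Host header is a syntactically valid host[:port]."""
    return _HOST_RE.match(host) is not None

def vulnerable_error_page(host: str, uri: str) -> str:
    """Simplified model of the unfixed releases: the Host value is copied into
    the error document unchanged, so any markup in it reaches the browser."""
    return ("<h1>Not Found</h1>\n"
            f"The requested URL {html.escape(uri)} was not found on this server.\n"
            f"<address>Apache Server at {host}</address>")

def hardened_error_page(host: str, uri: str, canonical_name: str = CANONICAL_NAME) -> str:
    """Two independent defences: (1) a malformed Host is replaced by the
    configured ServerName, which is what UseCanonicalName On achieves;
    (2) the emitted name is HTML-escaped, which is what the fixed releases do."""
    name = host if host_is_valid(host) else canonical_name
    return ("<h1>Not Found</h1>\n"
            f"The requested URL {html.escape(uri)} was not found on this server.\n"
            f"<address>Apache Server at {html.escape(name)}</address>")

def reflects_raw_html(page: str, host: str) -> bool:
    """Check for a regression test: a Host value containing markup
    must never appear verbatim in the response body."""
    return "<" in host and host in page

if __name__ == "__main__":
    for label, page in (("vulnerable", vulnerable_error_page(MALICIOUS_HOST, "/raise_404")),
                        ("hardened", hardened_error_page(MALICIOUS_HOST, "/raise_404"))):
        print(f"{label:10s} reflects raw markup: {reflects_raw_html(page, MALICIOUS_HOST)}")
```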
Solution:
Upgrade the software:
Apache Software Foundation Apache 1.3:
Apache Software Foundation Apache 1.3.1:
Apache Software Foundation Apache 1.3.3:
Apache Software Foundation Apache 1.3.4:
Apache Software Foundation Apache 1.3.6:
Apache Software Foundation Apache 1.3.9:
Apache Software Foundation Apache 1.3.11:
Apache Software Foundation Apache 1.3.12:
Apache Software Foundation Apache 1.3.14:
Apache Software Foundation Apache 1.3.17:
Apache Software Foundation Apache 1.3.18:
Apache Software Foundation Apache 1.3.19:
EnGarde Secure Linux RPM apache-1.3.27-1.0.32.i386.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/i386/apache-1.3.27-1.0.32.i386.rpm
EnGarde Secure Linux RPM apache-1.3.27-1.0.32.i686.rpm
ftp://ftp.engardelinux.org/pub/engarde/stable/updates/i686/apache-1.3.27-1.0.32.i686.rpm
Apache Software Foundation Apache 1.3.20:
Apache Software Foundation Upgrade apache_1.3.27.tar.gz
http://www.apache.org/dist/httpd/apache_1.3.27.tar.gz
Apache Software Foundation Apache 1.3.22:
Apache Software Foundation Upgrade apache_1.3.27.tar.gz
http://www.apache.org/dist/httpd/apache_1.3.27.tar.gz
OpenPKG Upgrade apache-1.3.22-1.0.5.src.rpm
ftp://ftp.openpkg.org/release/1.0/UPD/apache-1.3.22-1.0.5.src.rpm
Apache Software Foundation Apache 1.3.23:
Apache Software Foundation Upgrade apache_1.3.27.tar.gz
http://www.apache.org/dist/httpd/apache_1.3.27.tar.gz
Apache Software Foundation Apache 1.3.24:
Apache Software Foundation Upgrade apache_1.3.27.tar.gz
http://www.apache.org/dist/httpd/apache_1.3.27.tar.gz
Apache Software Foundation Apache 1.3.25:
Apache Software Foundation Upgrade apache_1.3.27.tar.gz
http://www.apache.org/dist/httpd/apache_1.3.27.tar.gz
Apache Software Foundation Apache 1.3.26:
Apache Software Foundation Upgrade apache_1.3.27.tar.gz
http://www.apache.org/dist/httpd/apache_1.3.27.tar.gz
OpenPKG Upgrade apache-1.3.26-1.1.1.src.rpm
ftp://ftp.openpkg.org/release/1.1/UPD/apache-1.3.26-1.1.1.src.rpm
Apache Software Foundation Apache 2.0:
Apache Software Foundation Upgrade httpd-2.0.43.tar.gz
http://www.apache.org/dist/httpd/httpd-2.0.43.tar.gz
Apache Software Foundation Apache 2.0.28:
Apache Software Foundation Upgrade httpd-2.0.43.tar.gz
http://www.apache.org/dist/httpd/httpd-2.0.43.tar.gz
Apache Software Foundation Apache 2.0.32:
Apache Software Foundation Upgrade httpd-2.0.43.tar.gz
http://www.apache.org/dist/httpd/httpd-2.0.43.tar.gz
Apache Software Foundation Apache 2.0.35:
Apache Software Foundation Upgrade httpd-2.0.43.tar.gz
http://www.apache.org/dist/httpd/httpd-2.0.43.tar.gz
Apache Software Foundation Apache 2.0.36:
Apache Software Foundation Upgrade httpd-2.0.43.tar.gz
http://www.apache.org/dist/httpd/httpd-2.0.43.tar.gz
Apache Software Foundation Apache 2.0.37:
Apache Software Foundation Upgrade httpd-2.0.43.tar.gz
http://www.apache.org/dist/httpd/httpd-2.0.43.tar.gz
Apache Software Foundation Apache 2.0.38:
Apache Software Foundation Upgrade httpd-2.0.43.tar.gz
http://www.apache.org/dist/httpd/httpd-2.0.43.tar.gz
Apache Software Foundation Apache 2.0.39:
Apache Software Foundation Upgrade httpd-2.0.43.tar.gz
http://www.apache.org/dist/httpd/httpd-2.0.43.tar.gz
Apache Software Foundation Apache 2.0.40:
Apache Software Foundation Upgrade httpd-2.0.43.tar.gz
http://www.apache.org/dist/httpd/httpd-2.0.43.tar.gz
Apache Software Foundation Apache 2.0.41:
Apache Software Foundation Upgrade httpd-2.0.43.tar.gz
http://www.apache.org/dist/httpd/httpd-2.0.43.tar.gz
Apache Software Foundation Apache 2.0.42:
Apache Software Foundation Upgrade httpd-2.0.43.tar.gz
http://www.apache.org/dist/httpd/httpd-2.0.43.tar.gz
Related information: "mattmurphy@kc.rr.com" <mattmurphy@kc.rr.com>.

References:
http://online.securityfocus.com/advisories/4532
http://online.securityfocus.com/archive/1/294119
http://online.securityfocus.com/archive/1/293791
http://otn.oracle.com/deploy/security/pdf/2002alert